Virtual private network has announced the availability of a public bug bounty program on BugCrowd, offering up to $1,250 per bug, depending on the bug submission.
Providing a highly secure VPN service to users is critical in today’s online world. PIA’s bug bounty program reflects this, working with the valuable input of individuals acting in good faith to maintain a high standard of security and privacy for users, empowering them to go about their life online without fear or concern.
PIA’s bug bounty program will cover all aspects of the company’s infrastructure and applications, including its server architecture, platform and mobile applications, and website presence. The program uses the BugCrowd Vulnerability Rating Taxonomy to rank the different criticality levels of bugs uncovered. In line with this, PIA will offer different levels of bounty based on different levels of technical severity.
“We’ve long prided ourselves in being one of the most transparent VPN providers in the market. It’s why all our apps are 100% open source, so people can see for themselves how everything works and feel confident in the security provided. Introducing a public bug bounty via BugCrowd is the next step in our ongoing commitment to deliver a secure, transparent VPN service to our customers,” commented John Mair, Engineering Lead, PIA.
“We look forward to expanding our work with the wider security community through our bug bounty program, building new trusted partnerships as we work together to achieve a common goal of making the online world more secure for everyone.”
PIA’s new public bug bounty program will sit alongside the company’s existing vulnerability disclosure program. Across its programs, PIA will accept vulnerability disclosures from all sources, including independent security researchers, industry partners, vendors, customers, and consultants.