SO the rewards for the vulnerabilities they find will be redirected to UNICEF United Nations Children’s Fund Marten Mickos CEO of the HackerOne platform tweeted. And by the end of March according to several domestic security experts all Russian and Belarusian hackers were removed from HackerOne. TO WHOM AND WHY ALL THIS IS NECESSARY? Analysts of the TAdviseru edition declare that Yandex Ozon VK and Tinkoff bank work in Russia under the Bug Bounty program. Most of them offered payouts through the HackerOne platform. However every cloud has a silver lining: the processes of import substitution very quickly penetrated into this sphere of information security.

The maximum amount of remuneration

The prices of domestic platforms are already worthy even by international standards so the specialists who will look for vulnerabilities should be very professional said Fedor Dbar commercial director of Security Code in a commentary to RBu on March .  for a critical vulnerability in Latvia Mobile Number List one of the April programs was already million rubles. So what is Bug Bounty and why such serious passions flared up around her? Among the users of the habru portal it is widely believed that this is a kind of set of rules for interaction with the company’s information resources.

Team Operations have a time frame

Usually it includes the rules of the program a list of resources a description of accepted vulnerabilities and the amount of remuneration. In the classic version this is a description of what can be broken and how much a bughunter will receive for a particular USB Directory vulnerability. Sergei Gilev head of security analysis at Angara Security continued: First of all participation in all this can be interesting because participation in Bug Bounty is not limited in time. It is a well-known fact that the  or Red at least there is always a contract for the provision of services.