Home / / HP targets print security with bug bounty program

HP targets print security with bug bounty program

Total print vulnerabilities across the industry have increased by more than a fifth during the past year.

HP targets print security with bug bounty program
Endpoint devices such as printers increasingly seen as soft targets through which to access corporate networks.

HP Inc. has announced bug bounty program aimed at print security, with awards of up to $10,000 to for vulnerability identification.

HP selected Bugcrowd, a crowdsourced offensive security company, to manage vulnerability reporting, further enhancing HP’s business printer portfolio.

“As we navigate an increasingly complex world of cyber threats, it’s paramount that industry leaders leverage every resource possible to deliver trusted, resilient security from the firmware up,” said Shivaun Albright, HP's chief technologist of print security. “HP is committed to engineering the most secure printers in the world.”

HP is the first company to invest in a dedicated bug bounty program for printing devices, offering customers protection from attacks that are targeting both businesses and employees. According to Bugcrowd’s recent report, the top emerging attackers are focused on endpoint devices, and the total print vulnerabilities across the industry have increased 21% during the past year.

“CISOs are rarely involved in printing purchase decisions yet play a critical role in the overall health and security of their organisation,” observed Justine Bone, CEO, MedSec and security advisory board member for HP.

The Bug Bounty program includes, vulnerabilities found by researchers in the private program are required to be reported to Bugcrowd; reporting a vulnerability previously discovered by HP will be assessed, and a reward may be offered to researchers as a good faith payment; and, Bugcrowd will verify bugs and reward researchers based on the severity of the flaw and awards up to $10,000.

Follow us to get the most comprehensive IT infrastructure news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.