Cyber security firm Kaspersky Lab is offering rewards of up to $100,000 for the discovery and disclosure of severe vulnerabilities in some of its new products.
Kaspersky Lab said the company’s Global Transparency Initiative is available to all members of the HackerOne platform, Kaspersky Lab’s partner for the bug bounty initiative. The Internet security company claims that this is a 20-fold increase on existing rewards.
Kaspersky will give the top reward for the discovery of bugs that enable remote code execution via the product database update channel, with the launch of malware code taking place silently from the user in the product’s high privilege process and being able to survive the reboot of the system.
The Russia-based cyber security firm said it will reward ranging from $5,000 to $20,000 depending on the level of complexity of a vulnerability for vulnerabilities allowing other types of remote code execution will be awarded bounties.
In addition, there will be bounty payouts for bugs allowing local privilege escalation or leading to sensitive data disclosure.
Rewards are available for the discovery of previously unknown vulnerabilities in products such as Kaspersky Internet Security 2019 (the most recent beta) and Kaspersky Endpoint Security 11 (the most recent beta), running on Desktop Windows version 8.1 or higher, with the most recent updates installed.