Editor’s Brief: OnePlus, a popular handset vendor in continental Europe, has announced a bug bounty program in partnership with industry-recognized ethical hacking and bug bounty platform vendor HackerOne, to leverage on the thousands of available ethical hackers under HackerOne’s wing, to improve OnePlus’ security footprint and reduce vulnerabilities before they can be found and possibly exploited. The vendor’s news release is found below.
OnePlus Offers New Bug Bounty Program and Partnership with Security Platform HackerOne
SINGAPORE, @mcgallen #microwireinfo, December 20, 2019 — OnePlus, a global mobile company, announced today the launch of two new initiative to protect users from cyber threats. The new OnePlus Security Response Centre will offer a bug bounty to security experts who discover and report on potential threats to OnePlus’ systems. The new partnership with HackerOne, a renowned hacker-powered security platform, will tap into their extensive network of security experts to surface the most relevant security vulnerabilities before they can be exploited by external actors.
“OnePlus values system security and the privacy of all customer information that has been entrusted to us,” said Pete Lau, CEO and Founder of OnePlus. “The two projects demonstrate OnePlus’ commitment to create more secure systems and data lifecycles.”
OnePlus Security Response Centre
OnePlus Security Response Centre will engage academics and security professionals to responsibly discover, disclose and remediate issues that could affect the security of OnePlus’ systems, and will help OnePlus proactively counter potential external threats to user security. Security researchers around the world can proactively search for and report OnePlus-related security issues through the new bug bounty program. Rewards for qualifying bugs reports will range from US$50 to US$7,000, depending on the potential impact of the threat.
Security researchers are encouraged to report any potential threats to the OnePlus official website, OnePlus Community forums and OnePlus Applications. Reports will be reviewed by OnePlus technical experts.
Security professionals are invited to visit security.oneplus.com for the terms of the full program and a standardised form for reporting security issues.
Joining Hands with HackerOne
The collaboration with HackerOne will enable OnePlus to gain insight from top security researchers, academic scholars and independent experts to better uncover potential threats to OnePlus’ systems.
The HackerOne collaboration will start as a pilot program, inviting select researchers to test out OnePlus’ systems against potential threats. A public version of the program is slated to go live later in 2020.
All invited researchers will submit their reports through HackerOne.
OnePlus is a global mobile technology company challenging conventional concepts of technology. Created around the “Never Settle” mantra, OnePlus creates exquisitely designed devices with premium build quality and high-performance hardware. OnePlus thrives on cultivating strong bonds and growing together with its community of users and fans. For more information, please visit OnePlus.com, or follow OnePlus on Facebook, Twitter, Instagram, Reddit and YouTube.
HackerOne is the #1 hacker-powered pentest & bug bounty platform, helping organisations find and fix critical vulnerabilities before they can be exploited. More Fortune 500 and Forbes Global 1000 companies trust HackerOne than any other hacker-powered security alternative. With about 1,700 customer programs, including The U.S. Department of Defense, General Motors, Google, Goldman Sachs, PayPal, Hyatt, Twitter, GitHub, Nintendo, Lufthansa, Microsoft, MINDEF Singapore, Panasonic Avionics, Qualcomm, Starbucks, Dropbox, Intel, HackerOne has helped to find over 145,000 vulnerabilities and award more than $75M in bug bounties to a growing community of over 590,000 hackers. HackerOne is headquartered in San Francisco with offices in London, New York, the Netherlands, France and Singapore.