Bug bounty programs are a great initiative to recognize cybersecurity researchers for their efforts to highlight bugs in various platforms. Acknowledging this rewarding scheme, and realizing the vulnerabilities associated with printers, HP announced a bug bounty program specifically directed towards its printers.
HP Announced Bug Bounty Program For HP Printers
On Tuesday, HP announced a bug bounty program for researchers pointing out bugs in HP printers. Reportedly, HP has launched the first-ever bug bounty program meant for printers. The researchers will be awarded up to $10,000 for identifying bugs in its printers.
HP announced the bug bounty in a press release, where it informed its collaboration with Bugcrowd, a security crowdsourcing firm.
“HP selected Bugcrowd, a global leader in crowdsourced offensive security, to manage vulnerability reporting, further enhancing HP’s business printer portfolio. With HP’s extensive history of device security innovation and driving new industry security standards, this print-focused bug bounty program is yet another way HP is leading the way when it comes to providing the highest-level security for its customers and partners.”
First-Ever Print Security Bug Bounty Program
Although, several organizations have started bug bounty programs to reward researchers. Yet, none of them ever bothered to focus on printer security. Hence, HP becomes the pioneer of print bug bounty programs.
HP has been actively working towards developing the most secure printers. As stated by Shivaun Albright, Chief Technologist of Print Security at HP,
“As we navigate an increasingly complex world of cyber threats, it’s paramount that industry leaders leverage every resource possible to deliver trusted, resilient security from the firmware up. HP is committed to engineering the most secure printers in the world.”
Indeed, keeping in view the intelligence of bad actors, no one can rule out the fact that anything connected on a network is hackable – this includes printers too. Thus, HP sets out to present a range of secure printers equipped with the ability to fight back security threats.
If someone notices a bug, the researcher would report it to Bugcrowd for verification. If the claim appears valid, HP and Bugcrowd will decide about the rewards. Even if a researcher reports a vulnerability already discovered by HP, they may still consider rewarding the researcher as a “good faith payment”.
Are you tempted to take up the challenge? Why do you think it has taken so long for a print security bug bounty? Let us know your thoughts in the comments section.