NordVPN has recently announced major security upgrades. The changes came following a security breach that hit the firm in the previous week. Though it didn’t cause much damage, NordVPN announced that their bug bounty program will launch soon.
NordVPN Announced Bug Bounty Program
In a recent blog post, NordVPN has announced the launch of a bug bounty program. The program will help the firm in proactive detection and curation of security vulnerabilities. As stated in their post,
Our job is to anticipate and prevent bugs before they ever go live. If one does slip past us, the next best line of defense is a vigilant and engaged cybersec community prepared to help catch and fix it before it puts anyone at risk.
The announcement came following a security incident targeting a third-party server. Though the incident had no direct link with the firm’s IT infrastructure, it did somehow affected NordVPN. The firm noticed the affected server during an internal audit and took appropriate security measures.
While they disclosed the incident, they also indicated their plans to launch the bug bounty program, which they’ve now confirmed. The program will officially begin in the next two weeks.
Other Security Measures After The Data Breach
In addition to the bug bounty program, the firm has also disclosed other security changes. One such noteworthy step is partnering with the US-based cybersecurity firm VerSprite.
They have also planned a full-scale third-party security audit for the next year. The audit will involve a detailed assessment of VPN software, backend architecture and source code, infrastructure hardware and other internal procedures.
Moreover, NordVPN is also planning other upgrades, such as setting up a dedicated network of ‘collocated servers’ exclusive to NordVPN, and the transition to RAM servers to ditch local data storage.