Once available only to the cybersecurity community, Acronis has opened its bug-hunting program to the public and aims to double the total bounties paid.
Acronis, the Swiss-Singaporean cyber protection company, has recently opened its long-standing bug bounty program to the public at large – now able to process twice as many reports. Users who discover vulnerabilities in Acronis’ software can earn up to $5,000, as well as additional perks.
Through the HackerOne platform, Acronis has worked closely with the security community to improve the protection capabilities of its products since 2018 – paying ethical hackers and penetration testers for any security flaws they uncover and report. Bug bounty programs like this are a popular practice around the world, and an essential tool in strengthening defenses against cutting-edge threats.
In expanding the program, Acronis is inviting everyone to contribute and help improve the company’s cyber protection products.
“We welcome everyone to try out the Acronis bug bounty program — we consider it critical to our security stack, and intend to put it front and center,” said Kevin Reed, Acronis’ Chief Information Security Officer. “Reviewers can earn more with our cloud products, but immediate payouts, public recognition, publication in renowned magazines, platform boosts, corporate merchandise, and other perks are an added bonus available for reviewing any of the listed products.”
The process is simple: review the solution, find a security issue, report it, and get paid for your contribution upon validation. Acronis emphasizes prompt communication, quick payments and an open bug fixing culture – with 99% of its reports meeting HackerOne’s response standards. The company highlights an improved internal bug fixing mechanism leading to much shorter response time. It has also released its Acronis Advisory Database – a service dedicated to tracking information about vulnerabilities in the company’s products and corresponding security updates. With the updated mechanism, Acronis is determined to double the amount of bugs detected, processed, and fixed by 2022.
Rewards doubled for consumer product
To celebrate the renaming of Acronis Cyber Protect Home Office (formerly Acronis True Image), Acronis is doubling the payouts for any vulnerabilities found in the company’s personal protection solution — raising the range of bounties for this product to $300–1,000, depending on the severity of the vulnerability discovered. This offer remains open until the end of 2021.
Users interested in testing Acronis Cyber Protect Home Office can purchase it at acronis.com. A limited-use trial is available as well. Delivering complete cyber protection for home computers, it has been relied on by hundreds of millions of remote workers since the pandemic hit in 2020.
For more information on the Acronis bug bounty program, visit the company’s page on HackerOne.