In today’s technological life, secret information is often hacked without our knowledge. The big names are the victims of such hacking. Cybercriminals or hackers mainly carry out such manipulations with the help of viruses, malware or bugs. That’s why most companies hire cyber security researchers. Also, there are many organizations like Facebook and Microsoft that run ‘bug bounty programs’ through which bug bounty hunters or ethical hackers help technology companies find loopholes in their systems and receive large sums of money in return. Popular food delivery platform Zomato has been added to the list of such companies.
Zomato has called on security researchers and ethical hackers to find bugs on the company’s website and applications as part of its bug bounty program. The company noted that its security team will use the Common Vulnerability Scoring System (CVSS) to determine the severity of a vulnerability or error (i.e. how severe it is). The more serious a vulnerability, the more bounty or cash rewards a hacker will receive.
Zomato has categorized these vulnerabilities into four categories – low, medium, critical and high. For example, if you catch a critical error with CVSS 10.0, you will be paid $4,000 (approximately Rs. 2.99 lakhs), and if you find a critical error with CVSS 9.5, you will be rewarded with prize of $3,000. To participate in Zomato’s Bug Bounty program, two-factor authentication needs to be enabled.
Starting today, we’re increasing the rewards for @zomato's bug bounty program: $4,000 for critical, $2000 for high, and so on. We welcome your participation and look forward to your reports! Happy Hacking 🙂 Find more details here: https://t.co/OSvNH1q6Mm
— Yash Sodha (@y_sodha) July 8, 2021
“We attach great importance to the security of Zomato, and we are committed to keeping all our customers safe,” Zomato said in a statement to HackerOne. If you are a security researcher or expert and believe that you can identify security vulnerabilities included in Zomato’s website or applications, you are cordially invited to do so. If you identify these flaws and disclose them to us responsibly, we will appreciate the work as well as be grateful to you. ”
In addition, Zomato mentions in its Disclosure Policy that hackers or bounty hunters should notify the agency as soon as possible after discovering potential security issues. Because, Zomato needs to have enough time to resolve the issue before disclosing it to a third-party, so as not to violate any privacy and data protection rules.
Stay updated with every news, download Koustav WiFi News App on your mobile.
Get all Tech News related to news updates of latest mobile reviews apps, tablets, etc. Stay updated with us for all breaking news from Tech and more updated News.
