By Athena Peterson Aug 11, 2020Program Spotlight: Bitdefender About Bitdefender:Bitdefender is a global leader in cybersecurity, protecting over 500 million systems for more than 18 years in more than 150 countries. Powered by its depth of security expertise and rapid pace of research and development, Bitdefender’s long-standing mission is to deliver transformative security technologies to the world’s users and organizations. About the Program: Bitdefender’s public bug bounty program is focused on identifying vulnerabilities and any assets (infrastructure or products) bearing the Bitdefender brand. Currently the program wants to put a particular spotlight on a new billing and subscription platform and as such, is running a promotion offering substantially increased rewards for any P1 and P2 vulnerabilities found there. What’s In It For You: They are currently running a reward event where they have increased their P1 and P2 rewards by 50% for any findings in the new billing and subscription service. The specific targets that are a part of this reward event include: Checkout service: https://checkout-service.bitdefender.comCheckout sdk: https://checkout-sdk.bitdefender.comCentral Integration: https://central.bitdefender.com/subscriptions/servicesThe reward ranges for bugs found on these targets are: Technical SeverityLow RewardHigh RewardP1$4,650$7,500P2$2,000$4,500P3$200$500P4$100$200Scope: Assets in scope of the main Bitdefender program include: *.bitdefender.com*.bitdefender.netBitdefender Total Security 2020Bitdefender GravityZone Business SecurityBitdefender Antimalware EnginesSkills: This is an attractive program for anyone with skills as a web focused pentester.What Can You Expect From This Program:When working with the Bitdefender team, you can expect them to: Extend Safe Harbor for your vulnerability research Work with you to understand and validate your report, including a timely initial response to the submissionWork to remediate discovered vulnerabilities in a timely mannerRecognize your contribution to improving their security Interested in learning more? Portswigger’s Web Security Academy: https://portswigger.net/web-securityCyber Mentor’s video course on Web Application Hacking: https://www.youtube.com/watch?v=24fHLWXGS-MOWASP’s Mobile Security Guide: https://owasp.org/www-project-mobile-security-testing-guide/ Tags:Topics:Researcher ResourcesThought LeadershipProduct UpdatesGuest BlogsBug Bounty ManagementSuccess StoriesResearcher SpotlightCustomer Case StudyProduct Spotlight Athena PetersonSenior Customer Experience Marketing Manager at Bugcrowd Recent Posts