Why is Kiteworks running this program promotion?

Sensitive content communications remain largely an unrecognized risk-management gap. This gap would only continue to widen if it remains unaddressed and leave thousands of organizations vulnerable to the exposure of private, confidential, and critical information.

Kiteworks’ mission is to empower our customers to ensure regulatory compliance and effectively manage risk in every send, share, receive, and save of sensitive content.

Kiteworks prevents data breaches and compliance violations from third-party cyber risk. CIOs and CISOs rely on Kiteworks for complete visibility, security and control over the communication of IP, PII, PHI, and other sensitive content across email, file sharing, mobile, enterprise apps, web portals, SFTP, and automated inter-business workflows. By consolidating security across third-party communication channels, Kiteworks simplifies complex infrastructure and reduces costs, while improving the user experience. When employees click the Kiteworks button, they know it’s a safe, secure way to share sensitive information with the outside world.

By launching this program promotion with BugCrowd:

➢ We are leveraging the richness and diversity of an entire crowd of ethical hackers, which offers the spectrum of skills required to cover the full range of web application perimeters within Kiteworks.

➢ We aim to enhance Kiteworks’ security posture and tackle new challenges brought about by sensitive content communications.

➢ Special attention will be paid to unauthenticated SQL Injection and remote code execution vulnerabilities with severity levels of “high” or “critical,” respectively

We are excited to continue to work with ethical hackers in identifying new attack methods and countering them.

What are the expected outcomes Kiteworks is hoping to achieve?

➢ We hope to:

o Enhance Kiteworks’ security posture

o Reach more ethical hackers with a myriad set of skills

o Discover more vulnerabilities in a shorter time

o Achieve a faster vulnerability remediation cycle

o Demonstrate security commitment to our clients

What skills or techniques would a researcher benefit from when hunting on Kiteworks?

This is an attractive program for anyone with skills in:

➢ Web Application Security

➢ API Security

➢ OAuth Security

➢ Web Application Firewall

➢ Mobile device applications for iOS and Android

➢ Security in Outlook Plugins

We require the following type of researchers:

➢ Those that can demonstrate a clear impact – Kiteworks wants to quickly determine the severity of an issue under the initial review.

➢ Individuals wishing to enhance their skills and anyone up for a challenge.