Axis Communications, an approved Common Vulnerability and Exposures (CVE) Numbering Authority (CNA), is launching a private bug bounty programme with Bugcrowd, the pioneer in crowdsourced cybersecurity.
The private bug bounty programme strengthens Axis’ commitment to building professional relationships with external security researchers and ethical hackers. The new programme reinforces the company’s efforts to proactively identify, patch, and disclose vulnerabilities in AXIS OS, the Linux-based operating system that drives most Axis products.
Bug bounty programme
Axis Communications launches bug bounty programme with Bugcrowd to accelerate vulnerability management best practices.
Axis acknowledges the importance and hard work performed by security researchers
Axis acknowledges the importance and hard work performed by security researchers and ethical hackers and believes that long-term sustainable cybersecurity is created through collaboration and transparency. In working with Bugcrowd and its Security Knowledge Platform™, Axis will benefit from the company’s cybersecurity expertise, engineered software-as-a-service, and global network of ethical hackers. The relationship is an additional element of the transparent vulnerability management strategy at Axis.
Vulnerability management strategy
As part of the bug bounty programme:
- Leveraging its Crowdmatch™ AI-based matching technology, Bugcrowd will select and invite its registered researchers with relevant skills and experience, while Axis will make AXIS OS-based products available for testing.
- Researchers who discover vulnerabilities will be eligible to receive a ‘bounty’ cash reward with payments that will vary, depending on the severity of the vulnerability.
- Axis will then transparently disclose vulnerabilities externally and provide patches to affected AXIS OS versions accordingly.
- Axis welcomes interested security researchers and ethical hackers for participation in the bug bounty programme. Please request participation through the vulnerability reporting process.
‘Bugcrowd’, ‘Bugcrowd Security Knowledge Platform’, and ‘CrowdMatch’ are trademarks of Bugcrowd Inc. and its subsidiaries. All other trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.