Hot on the heels of a $6 million seed funding round, cybersecurity startup SquareX today announced a six-week bug bounty program focused on its new cloud-based browser security solution.
Integrating with the browser as an extension, the solution protects users from malware and also allows them to remain private online, through temporary containers that SquareX calls ‘disposable browsers’.
Headless browsers running in data centers, these containers keep users safe from threats when they check emails, stream content, create documents, or access banking and ecommerce accounts.
Singapore-based SquareX has made its solution available in beta to a limited number of users and is now looking for help in identifying and squashing security bugs in its product as it is gearing up for the official launch.
Running from June 15 to July 27, the bug bounty program welcomes hackers, security researchers, and the wider community to test the browser-based solution and report any security defects that might emerge.
As part of the program, SquareX promises a total of $25,000 in bug bounty rewards to the reporting researchers.
The highest payout is $2,000, for critical-severity vulnerabilities. Reporting researchers may earn $1,000 for high-severity issues, $500 for medium-severity bugs, and $100 for low-severity flaws.
Within the scope of the program, SquareX lists the malware.rip and malwareriplabs.com websites and subdomains, along with the Disposable File Viewer launched via malware.rip.
Reports are accepted for container escapes, internet access within the container, flaws allowing access to other user sessions, attacks on Kubernetes, and bugs allowing extended lifetime of the container.
The reports, the company says, should include information on the impacted web application, a description of the flaw and its impact, steps to replicate the issue, proof-of-concept code, and screenshots or video recordings of the problem.
Reporting researchers may also need to provide copies of an identity card and PayPal account details, when asked.
Additional information can be found on the bug bounty program’s web page.
Related: Adobe Inviting Researchers to Private Bug Bounty Program
Related: Google Launches Bug Bounty Program for Mobile Applications
Related: QNAP Offering $20,000 Rewards via New Bug Bounty Program
More from Ionut Arghire
- Generative AI Startup Nexusflow Raises $10.6 Million
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
- Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers
- FBI Warns Organizations of Dual Ransomware, Wiper Attacks
- Lumu Raises $30 Million for Threat Detection and Response Platform
- Cisco Warns of IOS Software Zero-Day Exploitation Attempts
- Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
Latest News
- Bankrupt IronNet Shuts Down Operations
- AWS Using MadPot Decoy System to Disrupt APTs, Botnets
- Generative AI Startup Nexusflow Raises $10.6 Million
- In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- National Security Agency is Starting an Artificial Intelligence Security Center
- CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
