OnePlus has introduced a new bug bounty program and partnered with HackerOne to help improve its security efforts. The rewards for qualifying bug reports will range from $50 to $7,000 depending on the nature of the flaw. OnePlus states that it will join with academics and security experts to responsibly identify, reveal, and fix concerns that could change the security of OnePlus’ systems in the tomorrow.
The company has separately partnered with HackerOne as well to proactively defend against threats.
With the increase in phishing and hacking practices, OnePlus is proactively taking measures to prevent major security threats from potentially compromising user data. To this effect, it has introduced a new OnePlus Security Response Center that will engage with top security professionals and academics in the security industry to proactively scan, discover, and disclose any security threats in the OnePlus systems.
This new authoritative body will ensure that a streamlined process is maintained by the researcher and OnePlus for a seamless conversation to enable quick fixes for the discovered threat. As mentioned, the new OnePlus Security Response Center will offer bug bounty ranging from $50 to $7,000 to security experts who discover and report on potential threats to OnePlus’ systems through the new bug bounty program.
If a security researcher finds a threat, they can report it to the OnePlus official website, OnePlus Community forums or OnePlus applications. OnePlus has also introduced a new dedicated site for security experts to submit vulnerability reports, read the terms of the full program, and get the standardized form for reporting security issues. Technical experts at OnePlus will review the report and offer feedback accordingly.
Independently, OnePlus has also partnered with notable hacker-powered protection policies HackerOne to tap into their extended network of security specialists to surface the most appropriate security vulnerabilities before they can be utilized by external characters. This collaboration will start as a pilot program, inviting select researchers to test out OnePlus’ systems against potential threats. The program will go public later in 2020.
OnePlus looks to gain insight from top security researchers, academic scholars, and independent experts to help scan potential threats to OnePlus’ systems. These new proactive efforts from OnePlus are commendable, especially in times when unethical hacking practices are reported regularly. OnePlus is also efficient in rolling out security patches to its users, and was one of the first companies to bring Android 10 to its smartphone portfolio.
