HP launches printer bug bounty program

null

In an effort to deliver the world's most secure printers, HP has launched the industry's first print security bug bounty program.

The company partnered with Bugcrowd to verify bugs and will reward researchers based on the severity of the flaws they discover with awards of up to $10,000.

HP's Chief Technologist of Print Security, Shivaun Albright explained why the company launched its new printer-focused bug bounty campaign in a statement, saying:

“As we navigate an increasingly complex world of cyber threats, it’s paramount that industry leaders leverage every resource possible to deliver trusted, resilient security from the firmware up. HP is committed to engineering the most secure printers in the world.” 

A recent report from Bugcrowd revealed that the top emerging attackers are focused on endpoint devices and that the total print vulnerabilities across the industry have increased by 21 per cent during the past year.

Previously discovered vulnerabilities can also be reported to HP and a reward may be offered to researchers as a good faith payment. All new vulnerabilities discovered are required to be reported to Bugcrowd which will then verify them and offer a reward of up to $10,000 based on the severity of each flaw.

In the same way that businesses are clamping down on the security of their software through bug bounty programs, HP hopes to ensure that its printers are the safest in the industry by patching known exploits.

If HP's new bug bounty program proves successful, we will likely see other manufacturers follow suite with bug bounty programs of their own.

Image source: Ken Wolter / Shutterstock