HP Inc. has announced the very first bug bounty program for printers, partnering with Bugcrowd to manage vulnerability reporting.
The company has become the first to invest in a dedicated printing services bug bounty scheme, and will be offering rewards of up to $10,000 for researchers who correctly report vulnerabilities – based on the severity of the flaws discovered.
The news comes at a time when cyber-criminals are increasingly targeting endpoint devices in their attacks, which was highlighted in Bugcrowd’s recent 2018 State of Bug Bounty Report. That research revealed that print vulnerabilities across the industry had increased by 21% in the last year.
“As we navigate an increasingly complex world of cyber-threats, it’s paramount that industry leaders leverage every resource possible to deliver trusted, resilient security from the firmware up,” said Shivaun Albright, HP’s chief technologist of print security. “HP is committed to engineering the most secure printers in the world.”
Justine Bone, CEO, MedSec and security advisory board member for HP, added: “CISOs are rarely involved in printing purchase decisions, yet play a critical role in the overall health and security of their organization. For decades, HP has made cybersecurity a priority rather than an afterthought by engineering business printers with powerful layers of protection. And in doing so, HP is helping to support the valuable role CISOs play in organizations of every size.”