United Hackers Given a Million Free Air Miles

Uploaded on 2015-07-24 in FREE TO VIEW, NEWS-Cybersecurity News

US airline United has rewarded two hackers who spotted security holes in its website with a million free flight miles each. The flight provider operates a "bug bounty" scheme that rewards hackers for privately disclosing security flaws rather than sharing them online.
It has given the maximum reward of a million flight miles, worth dozens of trips, to two people. One security expert said the scheme was a big step forward for online security. "Schemes like this reward hackers for finding and disclosing problems in the right way. That makes the internet safer for all of us," said security consultant Dr Jessica Barker.
In return for receiving their flight rewards, hackers are forbidden from revealing the nature of the security holes they discovered.
"We believe that this program will further bolster our security and allow us to continue to provide excellent service," United said on its website.
The idea of responsible disclosure, reporting issues and giving companies time to fix them, is not new. Big technology companies such as Yahoo, Google and Facebook offer hackers cash incentives to report bugs privately.
BBC: http://bbc.in/1e4waFn

« UK Government £1m scheme for SMEs to Fight Cyber Attacks

Public-Private Partnerships in the Cyber Domain »

CyberSecurity Jobsite

Perimeter 81

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Mellanox Technologies

Mellanox Technologies is a leading supplier of end-to-end Ethernet and InfiniBand intelligent interconnect solutions and services for servers, storage, and hyper-converged infrastructure.

Security Innovation

Security Innovation is a leader in software security assessments and application security training to top organizations worldwide.

Kenexis

Kenexis is a consulting engineering firm providing services for process hazards analysis, fire and gas mapping, and industrial cybersecurity.

ES2

ES2 is a consulting organisation specialising in Enterprise Security and Solutions Services.

MyCyberSecurity Clinic (MyCSC)

MyCyberSecurity Clinic's main goal is toward establishing an international reference centre for excellence in the field of digital forensics and data recovery services.

Netsecurity AS

Netsecurity is a Norwegian owned company focused and specialised within IT security and cybersecurity-as-a service.

Adaptive Shield

Addaptive Shield - Complete Control For Your SaaS Security. Proactively find and fix weaknesses across your SaaS platforms.

StartupXseed Ventures

StartupXseed Ventures is a smart capital provider for Deep Tech, B2B, Early Stage Startups. We support, NextGen Tech Entrepreneurs, who have potential to deliver the outsized growth.

Servian

Servian is one of Australia's leading IT consultancies, with expertise in cloud, data, machine learning, DevOps and cybersecurity.

Redhorse

Redhorse provides top-tier consulting to help clients address mission-critical government problems in National Security, Networking Technology, Energy and the Environment.

Tech Vedika

Tech Vedika has access to technical guidance, training and resources from AWS to successfully undertake solution architecture, application development, application migration, and managed services.

Sonet.io

Sonet.io is built for IT leaders that want a great experience for their remote workers, while enhancing security and observability.

ZEUSS

ZEUSS is a diversified data center, cybersecurity, and green energy company.

Pointsharp

Pointsharp delivers software and services that help organizations secure data, identities, and access in a user-friendly way.

Uptime Institute

Uptime Institute is an unbiased advisory organization focused on improving the performance, efficiency, and reliability of business critical infrastructure.

Kolide

Kolide ensures that if a device isn't secure, it can't access your apps.