Expecting High-Quality Vulnerability Collection from Domestic and International White Hackers and Experts
Cybersecurity company Ginians announced on the 21st that it will unify its bug bounty vulnerability reporting method and continue to expand its overseas operations.
'Bug bounty' is a system that rewards individuals who discover and report vulnerabilities in software or web services. It helps prevent cyberattacks that exploit security weaknesses in advance, while also contributing to the development of next-generation security experts such as white-hat hackers.
Since March 2022, Ginians has independently operated a bug bounty program targeting its Network Access Control (NAC) solution and Cloud Customer Management Service (CSM). By adopting a domestic bug bounty specialized platform, it expanded the scope of reports to include Ginians' products and services.
When new vulnerabilities are reported through the bug bounty program, Ginians quickly resolves them through internal analysis, then announces them on its website according to the level of attack risk and proceeds with patches for client companies. From March 2022 to the end of last year, a total of 546 reports were received, and 105 vulnerabilities were identified and addressed. Approximately 70% of Ginians' bug bounty reports come from overseas, and the proportion of reporters continues to increase.
To efficiently collect vulnerabilities, Ginians has renewed its contract with the bug bounty specialized platform. Ginians explained that collaboration with the bug bounty platform enables rapid response to product vulnerabilities.
Ginians plans to unify the vulnerability reporting method through collaboration with the bug bounty specialized platform and collect high-quality information from a wider range of domestic and international white-hat hackers and experts. The scope of bug bounty operations will be expanded overseas.
Previously, vulnerability reports were managed both through Ginians' own Google Form and the bug bounty platform, but starting this year, all reports have been consolidated through the platform's website. The platform's submission form restricts reports if required fields are not filled out, preventing confusion caused by meaningless information and enabling the collection of high-quality vulnerabilities.
Kim Seong-cheol, Executive Director of Ginians' Research Planning Office, said, "The insights and suggestions from experts gained through the bug bounty program have greatly contributed to making our products more robust." He added, "We are continuously striving to expand the scope of bug bounty reports and will provide a safer security environment through rapid response to vulnerabilities and product advancement."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
