HP Inc. announced the industry’s first print security bug bounty program in partnership with Bugcrowd, a crowdsourced offensive security firm, to manage vulnerability reporting, further enhancing HP’s business printer portfolio.
HP said that only 18 percent of companies monitors printers for threats.
“As we navigate an increasingly complex world of cyber threats, it’s paramount that industry leaders leverage every resource possible to deliver trusted, resilient security from the firmware up,” said Pallasena V Viswanath, managing director, HP Philippines. “HP is committed to engineering the most secure printers in the world.”
According to Bugcrowd’s recent report, the top emerging attackers are focused on endpoint devices, and the total print vulnerabilities across the industry have increased by 21 percent during the past year.
“CISOs (chief information security officers) are rarely involved in printing purchase decisions yet play a critical role in the overall health and security of their organization,” said Justine Bone, CEO, MedSec and Security Advisory Board member for HP. “For decades, HP has made cybersecurity a priority rather than an afterthought by engineering business printers with powerful layers of protection. And in doing so, HP is helping to support the valuable role CISOs play in organizations of every size.”
The Bug Bounty program includes:
- Vulnerabilities found by researchers in the private program are required to be reported to Bugcrowd.
- Reporting a vulnerability previously discovered by HP will be assessed, and a reward may be offered to researchers as a good faith payment.
- Bugcrowd will verify bugs and reward researchers based on the severity of the flaw and awards up to $10,000.
More on HP’s business print portfolio and security features can be found here.
Image from HP website.