Axis Communications, an approved Common Vulnerability and Exposures (CVE) Numbering Authority (CNA), is launching a private bug bounty program with Bugcrowd, the leader in crowdsourced cybersecurity. The private bug bounty program strengthens Axis’ commitment to building professional relationships with external security researchers and ethical hackers. The new program reinforces the company’s efforts to proactively identify, patch, and disclose vulnerabilities in AXIS OS, the Linux-based operating system that drives most Axis products.
Axis acknowledges the importance and hard work performed by security researchers and ethical hackers and believes that long-term sustainable cybersecurity is created through collaboration and transparency. In working with Bugcrowd and its Security Knowledge Platform™, Axis will benefit from the company’s cybersecurity expertise, engineered software-as-a-service, and global network of ethical hackers. The relationship is an additional element of the transparent vulnerability management strategy at Axis.
As part of the bug bounty program:
- Leveraging its Crowdmatch™ AI-based matching technology, Bugcrowd will select and invite its registered researchers with relevant skills and experience, while Axis will make AXIS OS-based products available for testing
- Researchers who discover vulnerabilities will be eligible to receive a “bounty” cash reward with payments that will vary, depending on the severity of the vulnerability
- Axis will then transparently disclose vulnerabilities externally and provide patches to affected AXIS OS versions accordingly
Axis welcomes interested security researchers and ethical hackers for participation in the bug bounty program. Please request participation through the vulnerability reporting process.
“Bugcrowd”, “Bugcrowd Security Knowledge Platform” and “CrowdMatch” are trademarks of Bugcrowd Inc. and its subsidiaries. All other trademarks, trade names, service marks and logos referenced herein belong to their respective companies.