Axis acknowledges the importance and hard work performed by security researchers and ethical hackers and believes that long-term sustainable cyber security is created through collaboration and transparency. In working with Bugcrowd and its Security Knowledge Platform, Axis will benefit from the company’s cyber security expertise, engineered software-as-a-service, and global network of ethical hackers. The relationship is an additional element of the transparent vulnerability management strategy at Axis.
The bug bounty programme will follow the criteria below:
Leveraging its Crowdmatch AI-based matching technology, Bugcrowd will select and invite its registered researchers with relevant skills and experience, while Axis will make Axis OS-based products available for testing.
Researchers who discover vulnerabilities will be eligible to receive a “bounty” cash reward with payments that will vary, depending on the severity of the vulnerability.
Axis will then transparently disclose vulnerabilities externally and provide patches to affected Axis OS versions accordingly.
Axis welcomes interested security researchers and ethical hackers for participation in the bug bounty program, and encourages participation through the vulnerability reporting process.