HP Launches First ‘Bug-Bounty’ Vulnerability Reporting for Printers and Copiers
HP Inc. today announced the industry’s first “bug bounty program” for printers and copier/MFPs, a move it says underscores its commitment to providing the world’s most secure printers. Under the program, researchers who spot vulnerabilities in its HP printers and copier/MFPs may receive rewards of up to $10,000.
HP selected Bugcrowd, a provider of crowd-sourced offensive security, to manage vulnerability reporting, which it says will further enhance its business-printer/copier portfolio.
The firm says that with its extensive history of device-security innovation and new industry security standards, this print-focused bug-bounty program is yet another way it’s leading the way when it comes to providing the highest-level security for its customers and partners.
According to HP, it’s the first company to invest in a dedicated bug-bounty program for printing devices, offering customers protection from attacks that target both businesses and employees. According to Bugcrowd’s recent report, the top emerging attackers are focused on endpoint devices such as printers, and the total print vulnerabilities across the industry have increased 21 percent during the past year.
Justine Bone, CEO, MedSec and Security Advisory Board member for HP, commented: “CISOs are rarely involved in printing-purchase decisions yet play a critical role in the overall health and security of their organization. For decades, HP has made cybersecurity a priority rather than an afterthought by engineering business printers with powerful layers of protection. And in doing so, HP is helping to support the valuable role CISOs play in organizations of every size.”
The Bug Bounty program includes:
- Vulnerabilities found by researchers in the private program are required to be reported to Bugcrowd.
- Reporting a vulnerability previously discovered by HP will be assessed, and a reward may be offered to researchers as a good faith payment.
- Bugcrowd will verify bugs and reward researchers based on the severity of the flaw with awards up to $10,000.
More information on HP’s business printer portfolio and security features can be found here.
- April 2018: HP Updates on New Dealer Progress, A3 Managed PageWides, Accessibility, Security
- April 2018: HP Launches New A3 PageWide MFPs with Document Finishing, Expands Printer Security, and More
- April 2018: HP Adds Independent Dealer ImageNet Consulting for HP A3 Copier/MFPs
- March 2018: VLCM Becomes First Utah-based HP A3 Copier/MFP Dealer
- February 2018: ‘Print My Calendar:’ HP Introduces Voice-Activated Printing
- January 2018: HP Unveils Samsung Printers, MFPs, on HP Web Site
- September 2017: New HP Roam Mobile, Cloud Printing; Connection Inspector Security; A3 PageWide MFPs
- October 2017: A Look at HP’s New Connection Inspector Security Solution with Continuous Monitoring, Printer Self Healing