NordVPN has officially launched its bug bounty program. Bug bounty programs invite ethical hackers to catch potential security vulnerabilities, report them to service providers and get monetary rewards. “At NordVPN, we seek to make our infrastructure — and customers’ data — as secure as possible. And community participation is essential for reaching this goal,” says Ruby Gonzalez, Head of Communications at NordVPN.
According to the company’s Head of Communications, this program aims to encourage researchers to analyze NordVPN’s website, applications, and services. Their efforts will help the provider boost the quality and security of its product. This way, bounty hunters get cash rewards, and users get a service they know is scoured for bugs by thousands of people every day to make it as secure as possible.
NordVPN’s bounties can range from $100 for minor issues to over $5,000 for critical flaws. All the findings must be reported using the HackerOne platform. NordVPN accepts findings related to its applications, servers, backend services, website, and more. Bug bounty hunters do not need to worry about possible legal action against them as long as they keep their penetration testing ethical.