MIT Security - Alpha Phase of Bug Bounty Program in April 2016 | Vulnerability Magazine - Acknoweldgements, Bug Bounties & Security Research

MIT Security - Alpha Phase of Bug Bounty Program in April 2016

In april 2016 the well known MIT EDU started a new official bug bounty program. The MIT Bug Bounty program is an experimental program aiming to improve MIT's online security and foster a community for students to research and test the limits of cyber security in a responsible fashion.

In- Scope Domains

In-Scope Vulnerabilities

Remote Code Execution (RCE)
SQL Injection
Authorization bypass / escalation
Information Leaks
Cross Site Scripting (XSS)
Cross Site Request Forgery (CSRF)

Out-of-Scope Vulnerabilities

Any bug that does not pose a real or demonstrable security risk
Denial Of Service Attacks (DOS)
Social Engineering
Physical exploits of our servers or network
Local network-based exploits such as DNS poisoning or ARP spoofing

The program runs actually in an alpha-testing mode without commercial rewards. In the alpha version the researchers must to request a kerberos account to submit a security ticket. During the next months the program will change to a commercial oriented model to reward security researchers permanently. Feel free to register with the program or report your prepared issues by mail to the mit edu security team administrators.

Reference(s):

https://bounty.mit.edu/

Rate this article:

MIT Security - Alpha Phase of Bug Bounty Program in April 2016

MIT Security - Alpha Phase of Bug Bounty Program in April 2016

Add new comment

Plain text

Today's Most Popular

Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability

Imperial & Dabman Internet Radio - Undocumented Telnetd & Code Execution

Banknotes Misproduction security & biometric weakness

Bundeswehr Generalmajor officially acknowledges Whitehat for Responsible Disclosure Activities

All Time Most Popular

Whitehat Hacker discovered details of an application-side Facebook Studio Dashboard Vulnerability

PayPal Inc fixed Filter Bypass & Profile Code Execution during Infrastructure Upgrades

Facebook Security - 12.500$ Bug Bounty reward to Security Researcher

Wickr Inc - When honesty disappears behind the VCP Mountain

Most Commented Articles

Advanced Persistent Threat Golden_hands - Digital Bank Robbery of the Year 2020

Facebook Security - 12.500$ Bug Bounty reward to Security Researcher

Bug Bounty Program Award Winners 2014 - Exclusive Interview by Microsoft & PayPal

Shopify | Buy Button | Persistent Embed POST Inject Vulnerability

Top Rated Articles

Manchester City - Football Club hosts first Hackathon in July 2016

PayPal Inc Bug Bounty - JDWP Remote Code Execution Vulnerability

Barracuda Networks Bug Bounty Program - Message Archiver 650 v3.2 Persistent Vulnerability BNSEC:703

US Military starts official "Hack the Army" Bug Bounty Program

Recent comments

Syndicate

Advertisement

Recent Posts & Articles

Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability

Rhein Ruhr Express (RRX) - DNS Cache Snooping Vulnerability on Wifi Hotspot

Bundeswehr Generalmajor officially acknowledges Whitehat for Responsible Disclosure Activities

Last Viewed Articles & Posts

Cyberoam UTM – Manually SQL Injection Exploitation

Apple iOS 10.2 Notify Function vulnerable to Attacks via iDevice on iTunes & Appstore

Blind SQL Injection Vulnerabilities reported to Oracle Corporation

RSS Feeds & Services

Projects & Sites

Search form

You are here

MIT Security - Alpha Phase of Bug Bounty Program in April 2016

MIT Security - Alpha Phase of Bug Bounty Program in April 2016

Add new comment

Plain text

Search form

Today's Most Popular

All Time Most Popular

Most Commented Articles

Top Rated Articles

Recent comments

Syndicate

Advertisement

Recent Posts & Articles

Last Viewed Articles & Posts

RSS Feeds & Services

Projects & Sites