MIT Security - Alpha Phase of Bug Bounty Program in April 2016 | Vulnerability Magazine - Acknoweldgements, Bug Bounties & Security Research

MIT Security - Alpha Phase of Bug Bounty Program in April 2016

In april 2016 the well known MIT EDU started a new official bug bounty program. The MIT Bug Bounty program is an experimental program aiming to improve MIT's online security and foster a community for students to research and test the limits of cyber security in a responsible fashion.

In- Scope Domains

In-Scope Vulnerabilities

Remote Code Execution (RCE)
SQL Injection
Authorization bypass / escalation
Information Leaks
Cross Site Scripting (XSS)
Cross Site Request Forgery (CSRF)

Out-of-Scope Vulnerabilities

Any bug that does not pose a real or demonstrable security risk
Denial Of Service Attacks (DOS)
Social Engineering
Physical exploits of our servers or network
Local network-based exploits such as DNS poisoning or ARP spoofing

The program runs actually in an alpha-testing mode without commercial rewards. In the alpha version the researchers must to request a kerberos account to submit a security ticket. During the next months the program will change to a commercial oriented model to reward security researchers permanently. Feel free to register with the program or report your prepared issues by mail to the mit edu security team administrators.

Reference(s):

https://bounty.mit.edu/

Rate this article:

MIT Security - Alpha Phase of Bug Bounty Program in April 2016

MIT Security - Alpha Phase of Bug Bounty Program in April 2016

Add new comment

Plain text

Today's Most Popular

Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability

Imperial & Dabman Internet Radio - Undocumented Telnetd & Code Execution

Stack Buffer Overflow Zero Day Vulnerability uncovered in Microsoft Skype v7.2, v7.35 & v7.36

Banknotes Misproduction security & biometric weakness

All Time Most Popular

Whitehat Hacker discovered details of an application-side Facebook Studio Dashboard Vulnerability

PayPal Inc fixed Filter Bypass & Profile Code Execution during Infrastructure Upgrades

Facebook Security - 12.500$ Bug Bounty reward to Security Researcher

Wickr Inc - When honesty disappears behind the VCP Mountain

Most Commented Articles

Advanced Persistent Threat Golden_hands - Digital Bank Robbery of the Year 2020

Facebook Security - 12.500$ Bug Bounty reward to Security Researcher

Bug Bounty Program Award Winners 2014 - Exclusive Interview by Microsoft & PayPal

Shopify | Buy Button | Persistent Embed POST Inject Vulnerability

Top Rated Articles

Vulnerability in LANCOM Systems Wireless Controller Series uncovered

ifixit Bug Bounty Program 2016 Q1 - Multiple Vulnerabilities disclosed by Core Researcher

Mobidea starts new & official Bug Bounty Program in 2016

Bug Bounty Programs - Manufacturer Award 31st January 2015

Recent comments

Syndicate

Advertisement

Recent Posts & Articles

Citrix Gateway & Cloud MFA - Insufficient Session Validation Vulnerability

Rhein Ruhr Express (RRX) - DNS Cache Snooping Vulnerability on Wifi Hotspot

Bundeswehr Generalmajor officially acknowledges Whitehat for Responsible Disclosure Activities

Last Viewed Articles & Posts

IBackup v10.0.0.45 suffers from a local Privilege Escalation Vulnerability

Wickr Inc - When honesty disappears behind the VCP Mountain

CeBIT 2015 (d!conomy) - Heise offers Slots in Open Developer World

RSS Feeds & Services

Projects & Sites

Search form

You are here

MIT Security - Alpha Phase of Bug Bounty Program in April 2016

MIT Security - Alpha Phase of Bug Bounty Program in April 2016

Add new comment

Plain text

Search form

Today's Most Popular

All Time Most Popular

Most Commented Articles

Top Rated Articles

Recent comments

Syndicate

Advertisement

Recent Posts & Articles

Last Viewed Articles & Posts

RSS Feeds & Services

Projects & Sites