Company AgileBits, the Creator of the popular application for storing passwords 1Password, has introduced a new program to search for vulnerabilities in the project. Now the amount of the maximum reward for discovered a security gap is $100,000 instead of $25,000.
To receive $100 000 researchers need to find a vulnerability in 1Password, which will allow you to get access to protected password storage. To this end the company created a special test store in which there will be real user data.
In addition, AgileBits ready to provide documentation about the already resolved issues that could help researchers in search of vulnerabilities.
Application developers, ensuring the security of user data on various sites, chose a good time for his announcement in February 2017 it became known about the leak of customer data sites that use the service for the protection of Cloudflare.
Leakage occurred from September 2016 to February 2017 — that is, for more than five months in the open access got a random portion of sensitive data including personal information of users of websites of major companies. As explained in the CloudFlare, the leaked data is stored in the cache of search engines and could be identified by attackers sending generic search queries.
It is noteworthy that the maximum rewards in the system bug bounty (the program for search vulnerabilities) Cloudflare offers a shirt with your brand.