Adobe gives up, asks others to find its security flaws

Google relaxes Project Zero bug disclosure policy after Microsoft complaints

Adobe's security woes are well known, with major flaws plaguing Flash and other apps from the company. The software maker has now opted for an open approach to its problems, asking for users to begin searching for bugs in the software.

This is likely the best route to take. Independent security researchers have always found and reported the flaws and some companies pay a bounty for this information. Now Adobe is taking a similar approach, asking everyone to help out.

"In recognition of the important role that independent security researchers play in keeping Adobe customers safe, today Adobe launches a web application vulnerability disclosure program on the HackerOne platform", Adobe's Pieter Ockers says.

The HackerOne platform allows the users to earn a reputation score based on the bugs discovered. A dedicated page has been set up at https://hackerone.com/adobe.

"Adobe continues to welcome the coordinated disclosure of security issues affecting desktop products and enterprise on-premise solutions by notifying our Product Security Incident Response Team ([email protected])", Ockers concludes. So get out there and start helping to fix these vulnerabilities that seem all too common.

Photo credit: NatBasil / Shutterstock

11 Responses to Adobe gives up, asks others to find its security flaws

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.