A little over a month ago, we announced a security plan that would make us more secure than ever for 2020 and beyond. Any bugs in our systems are now wanted dead or alive, as NordVPN has officially launched its bug bounty program.
Dec 12, 2019 · 2 min read
We’ve just increased the size of our penetration testing team to potentially the entire cybersecurity community.
We love our in-house penetration testers. They’re talented white-hat hackers who work hard to keep NordVPN one of the most secure VPNs in the world. However, there are only so many of them, and NordVPN’s global infrastructure grows larger and more complex every month.
Now, enterprising cybersecurity pros around the world can search our system for any flaw large or small and get paid for it. Bug hunters may earn rewards for anything from minor bugs to critical flaws – as long as they impact our service. This also means that grey- or black-hat hackers who find flaws may decide to notify us for an easy payday rather than trying to exploit those flaws.
All of this will have a profound effect on ensuring the quality and security of our service.
Bounties can range from $100 for minor issues to over $5,000 for critical flaws.
If you’d like to hunt bugs in NordVPN’s service, please read our full policy on HackerOne before you begin. Certain exceptions do apply. Otherwise, happy hunting!
Bugs and vulnerabilities wanted – dead or alive – at NordVPN.