TikTok Celebrates Two Years of Bug Bounty

Within the final two years of their bug bounty program, the hacker group has helped TikTok determine and disclose 450 vulnerabilities of their public-facing belongings. In response, TikTok has awarded $585,000 in bug bounties to over 250 moral hackers. In honor of Cybersecurity Consciousness Month and their second anniversary with HackerOne, TikTok has shared a message of thanks for all the hacker group, with a particular shout-out to a few of their program’s prime hackers.

You could find the unique weblog printed by TikTok hereor take a look at this video thanking this system’s prime hackers from the previous yr.

Celebrating the cyber group on TikTok

Weblog put up printed by the TikTok Group workforce on October 7, 2022

At TikTok, we’re all the time centered on guaranteeing the protection, safety, and privateness of our international group. It is a duty we take very severely, as over 1 billion folks flip to our platform to specific themselves creatively, be taught one thing new, or be entertained. As we frequently put money into the folks, processes, and know-how to allow best-in-class safety operations at scale, we all know it is vital to work with third-party specialists to assist take a look at our defenses.

We’re additionally proud to assist efforts that promote cybersecurity finest practices from industry-leading organizations like HackerOne, together with the International Cyber Alliance (GCA) and Nationwide Cybersecurity Alliance.

Collectively we’re persevering with to unfold cybersecurity consciousness, schooling, and alternative. We’re celebrating our 2-year anniversary of our International Bug Bounty program, unveiling our 2022 TikTok Cybersecurity Champions, elevating the #SeeYourselfInCyber initiative to encourage folks of all backgrounds to discover skilled alternatives within the rising area, and sharing tricks to all the time #BeCyberSmart.

Celebrating our 2-year anniversary with the moral hacker group

Earlier this yr, TikTok turned a founding sponsor of HackerOne’s Corporate Security Responsibility (CSecR) pledge, honoring transparency, collaboration, innovation, and differentiation as core rules to assist create a safer digital world for everybody. The pledge furthers the commitments we made two years in the past when launching our International Bug Bounty program. Since its inception, we have awarded over $585,000 in bug bounties to over 250 moral hackers for responsibly figuring out and disclosing over 450 vulnerabilities so we may rapidly resolve them. This system continues to draw new hackers due to our complete scope and dedication to transparency.

As of October 1, this yr’s prime contributors are:

• s3c: Yusuf is a 23-year-old bug bounty hunter from Kurdistan, Iraqclaiming his spot as one among TikTok’s prime contributors for the second consecutive yr! As an impartial safety researcher on the HackerOne platform with 5 years of expertise, Yusuf enjoys serving to prime firms defend their enterprise.

• On the platform: Nosa is a 22-year-old safety engineer by day and bug bounty hunter by night time. From a small metropolis in Indonesiahe began working with HackerOne in 2017 and hopes to grow to be a famous person bug bounty hunter by bettering his expertise daily.

• Amakki: Abdulrahman is a 21-year-old bug bounty hunter from Saudi Arabia who has been discovering vulnerabilities for numerous know-how firms since beginning his hacking journey at age 10 and formally becoming a member of the HackerOne group in 2019.

• datph4m: Pham is a safety engineer at a software program firm in Vietnam who has been working with HackerOne for about 4 years, throughout which era he is found severe vulnerabilities for among the world’s prime know-how firms.

“The best ethical hackers choose to work on bug bounty programs that are open and transparent, and customers trust vendors that clearly communicate about what they’re doing to improve security,” mentioned HackerOne CEO Marten Mickos. “A key reason for TikTok’s success with software security is that they practice such transparency, and we commend TikTok’s active engagement in our Corporate Security Responsibility initiative, which prizes transparency as one of its core principles.