ZTE Corporation has officially partnered with a crown-sourced Vulnerability Disclosure Policy platform based in Paris, known as YesWeHack, to promote its Bug Bounty program. To improve the security of its products and services, ZTE set up bounty programs that pay hackers who find vulnerabilities in the system. “We welcome security researchers/organizations to report security vulnerabilities in our products and services to us. We promise to follow up and respond to your reported security vulnerabilities as soon as possible,” ZTE said.
In late 2020, ZTE launched a new Bug Bounty program, and in 2021, the OEM began working with YesWeHack, which has 30,000 cybersecurity experts (known as “ethical” hackers) in 170 countries and regions. YesWeHack will now promote ZTE’s Bug Bounty program, leveraging its experts’ expertise to assist ZTE in fully identifying potential vulnerabilities.
To date, ZTE’s product security incident response team has received information from YesWeHack and has effectively eliminated the potential risks, improving ZTE’s product security.
With its cybersecurity vision of “Security in DNA, Trust through Transparency,” ZTE has taken “sustained efforts” on enhancing internal security governance and external security verification. “The cooperation with YesWeHack is one of our effective measures to intensify our openness and transparency,” the company said.
ZTE says it has also been cooperating with GSMA Coordinated Vulnerability Disclosure program to eliminate and mitigate vulnerabilities which are standards-related.
Reader Interactions