GC "Astra", a leading Russian developer of operating systems, announced the launch of the Bug Bounty program for Astra Linux SE. White-hat hackers were decided to be invited on the BI.ZONE Bug Bounty platform, this is a Russian counterpart of the well-known international Hucker One.
Within the framework of the Bug Bounty program, GC "Astra" will pay rewards of up to 250,000 rubles for critical vulnerabilities found. Researchers, or so-called "White hackers", can report about the vulnerabilities they found through a special form on the program's website. The amount of the reward will depend on the complexity level of the discovered system vulnerability.
At the time of writing the news, vulnerabilities were reported twice. But only one of them was confirmed. Apparently, the company did not consider its level high, so the researcher was paid only 5,000 rubles.
Evgeny Voloshin, Director of the Department of Security Analysis and Fraud Prevention at BI.ZONE expressed hope that the Bug Bounty program will become an important tool for further enhancing security in the Russian OS, and also will help "maintain high resilience to constantly evolving and changing modern cyber threats".
In late March 2023, the Ministry of Digital Development, Communications and Mass Media of the Russian Federation registered BI.ZONE Bug Bounty in the domestic software registry.