On August 16, Prozorro’s official website announced the reinstatement of the Bug Bounty program, the first such step since its inception.
On August 16, Prozorro’s official website announced the reinstatement of the Bug Bounty program , the first such step since the start of a large-scale invasion. This initiative aims to find individuals known as “ethical hackers” or cybersecurity bug hunters to identify vulnerabilities in an electronic public procurement platform.
The goal of the program is to improve data protection and improve the resilience of the Prozorro system against potential cyber attacks.
Participants of the program will also receive financial rewards for their efforts and will be able to get into the rating of bug hunters, which evaluates both the quality and quantity of vulnerabilities discovered. The process of detecting and eliminating vulnerabilities will be carried out in a test environment that includes a central database, various Prozorro components and electronic platforms such as E-Tender, SmartTender and Zakúpki.Prom.
The Prozorro Bug Bounty program will run continuously and will be implemented jointly by the state enterprise Prozorro and electronic platforms E-Tender, SmartTender and Zakúpki.Prom. Since the launch of the Prozorro Bug Bounty program, cybersecurity experts have already discovered and timely fixed more than 100 vulnerabilities, which contributed to strengthening the reliability and security of the entire system.
