Crypto.com has introduced an upgraded bug bounty programme in collaboration with HackerOne, offering rewards of up to US$2 million for identifying security vulnerabilities.
The programme represents a major expansion of Crypto.com’s security measures and is among the largest rewards available through HackerOne’s platform.
The initiative is part of Crypto.com’s broader efforts to prioritise security and regulatory compliance, supported by a suite of certifications including SOC2 Type 2, PCI DSS 4.0, ISO 27001, ISO 27017, ISO 27019, ISO 22301, and ISO 27701.
The company has also achieved regional certifications such as Singapore’s Data Protection Trust Mark and Cyber Trust Mark.
Interested security researchers can find details about the programme and submit vulnerability reports on HackerOne’s website.
Kris Marszalek, CEO of Crypto.com, said,
“Security and compliance are at the foundation of everything we do at Crypto.com.
As our business and the industry continue to grow, it’s critically important that we remain focused on our core principles, and this new bounty programme does that by setting a new bar.”
Kara Sprague, CEO of HackerOne, said,
“When you operate a global app serving more than 100 million customers, finding critical security gaps before bad actors do is essential to system integrity and customer trust.
This record-breaking bounty reflects the significant emphasis Crypto.com puts on consumer protection and their appreciation of the value the ethical hacking community can provide.”
Featured image credit: Edited from Freepik