sb-as logo
Story image

OPPO partners with bug bounty company HackerOne

21 Jan 2020

Hacker-powered pentest and bug bounty platform HackerOne has announced a partnership with OPPO.

Mobile phone manufacturers OPPO will improve the security of its products and services and contribute to a safer internet by engaging the world's security research community with HackerOne.

With over 320 million monthly active users of OPPO’s ColorOS, and a rapidly expanding online presence, cybersecurity remains at the forefront.

In 2018, OPPO established the OPPO Security Response Center (OSRC) to enhance their cybersecurity.

By working with the security research community they found and safely resolved security weaknesses.

Today, the goal of the OSRC remains to promote cooperation and communication with ethical hackers and to identify security vulnerabilities before they can be exploited by cybercriminals.

This partnership with HackerOne further signifies OPPO's support of the global security research community and their role in reducing cyber risk.

"HackerOne works with a large community of security researchers to help companies around the world reduce cyber risk," says OSRC operation manager Peng Xing.

"We are excited to partner with HackerOne to strengthen the protection for our customers and provide a beneficial environment for security researchers."

OPPO and HackerOne's partnership includes the launch of a private, invite-only bug bounty program hosted on HackerOne.

The private program invites a select group of trusted security researchers to look for security vulnerabilities in exchange for a reward.

A future public bug bounty program is expected.

OPPO joins HackerOne's more than 1,750 customer programs, including The US Department of Defense, General Motors, Google, PayPal, Hyatt, Twitter, Nintendo, Microsoft, MINDEF Singapore, Qualcomm, Starbucks, and Dropbox.

"Cyber incidents have increased in volume, complexity and impact at internet speeds and organisations like OPPO are seeing the benefits of hacker-powered security to safeguard their most critical digital assets," says HackerOne Asia-Pacific vice president Attley Ng.

"We are thrilled to partner with a leader like OPPO to help protect their 320 million active monthly users while creating more opportunities for the research community."

Hacker-powered security growth in APAC

This partnership comes on the heels of a year of growth in the region for HackerOne.

HackerOne opened its APAC headquarters in Singapore in early 2019 and continues to bring on notable customers including Ministry of Defence Singapore (MINDEF), GovTech Singapore, Xiaomi, Zomato, Toyota, Nintendo, Grab, LINE, and Alibaba.

In addition, the region's first-ever live-hacking event (h1-65) was held in Singapore, where Dropbox awarded over $300,000 in bug bounties to participating hackers.

In late 2019, HackerOne launched hacker-powered security programs with industry leaders - OnePlus and LINE Corporation, as well as its fifth bug bounty program with Singaporean Government Agency (GovTech) in addition to an official vulnerability disclosure program for GovTech.

APAC continues to be one of the fastest-growing regions for hacker-powered security. According to HackerOne's 2019 Hacker-Powered Security Report, hacker-powered security programs increased 30% in the region year over year.

Story image
Acronis expands global data centre network, including new facilities in NZ
The expansion ensures that the full range of Acronis Cyber Protection Solutions will be available to partners and organisations around the world.More
Story image
Fujitsu new tech ensures inter-business data trust
The technology can verify when and by whom the data was created, and whether it has been tampered with, to ensure trusted data exchange.More
Story image
Why zero trust could fail due to lack of understanding​, not technology
Security architects are being forced to re-examine the concept of identity, with many turning to a zero trust security model to provide a better architecture for protecting their sensitive resources.More
Story image
CrowdStrike targets Zero Trust blind spot with new offering
CrowdStrike has officially launched CrowdStrike Falcon Zero Trust Assessment (ZTA), designed to aid in overall security posture by delivering continuous real-time assessments across all endpoints in an organisation regardless of the location, network or user. More
Story image
Commvault expands Metallic SaaS portfolio
Metallic Cloud Storage Service brings together technology from Commvault and Microsoft Azure for security and scale.More
Story image
Video: 10 Minute IT Jams - protecting data with user behaviour analytics
In this video, Forcepoint senior sales engineer and solutions architect Matthew Bant discusses the company's DLP solution, the importance of integrating compliance into security solutions, and why cybersecurity strategies should take a more people-based approach.More