UAE Cybersecurity Council, Etisalat complete 'Bug Bounty' pilot programme

UAE Cybersecurity Council, Etisalat complete 'Bug Bounty' pilot programme

ABU DHABI, 20th October, 2021 (WAM) -- The UAE Cybersecurity Council and Etisalat have announced the successful completion of the first Bug Bounty pilot programme in collaboration with Beacon Red and Yogosha, during GITEX Technology Week 2021.

The telecom company has signed a partnership agreement with Yogosha, a leading European crowdsourced cybersecurity company, and Beacon Red, a defense consulting firm, to launch the Bug Bounty pilot programme over a two-month period, following the announcement of the 'National Bug Bounty Programme' by the Cybersecurity Council in August this year. The programme aims to enhance the UAE’s cybersecurity systems, reinforce the country’s leading stature in global competitiveness indexes, as well as engage community members, and public and private sector entities in the protection of the national critical infrastructure.

A total of 81 security researchers from 21 different countries were provided the opportunity to participate in the pilot programme to assess various Etisalat public-facing websites within the UAE.

The pilot programme achieved positive outcomes based on several metrics such as transparent communication with security researchers, identifying security vulnerabilities, timely triage and rewards, speed to patch, and mitigation of the reported vulnerabilities.

With the conclusion of the pilot programme, the Cybersecurity Council plans to proceed with the National Bug Bounty Programme, leveraging the first in-country platform hosted within the UAE.

Once fully deployed, this national platform will provide a unified standard that can be applied across the UAE for crowd sourcing security researchers. Organisations will be able to use this national platform and rely on the expert assistance of the Cybersecurity Council and Etisalat when implementing their own bug bounty programmes.

Etisalat announced its readiness to launch the national platform for the Bug Bounty programme within the fourth quarter of 2021. It also called on UAE's organisations to participate in this national programme and invited security researchers to register at