ProZorro will be among the first of Ukraine’s state-owned companies to collaborate with "white" (ethical) hackers, said Vasiliy Zadvorny, its general director.
The system will collaborate with ethical hackers as part of the bug bounty project "Hack ProZorro," For the price of $7,000 they will test the level of security of the electronic public and public procurement system. Remuneration money will be provided partners and the size of the reward will depend on the level of criticality.
What is bug bounty?
In Ukraine, the bug bounty program is used only by private companies. They hire programmers, who are also called "white" hackers. They really hack services, but they do it legally.
The program was first launched by Netscape in October 1995. The company invited everyone to find vulnerabilities in the beta version of the Netscape Navigator 2.0 browser for $1,000. In 2004, Mozilla became the second company to launch a similar program. Now bug bounty is used by most technical companies, including the same Facebook, Google, as well as Amazon, Uber, Microsoft and others.
In general, in Ukraine, a standard penetration test costs $2-3 thousand, while in Europe it is $ 6-7 thousand. In the United States and Asia, bounties are higher, from $15 thousand and $20 thousand, respectively, according to Hacken CEO Dmytro Budorin in an interview with the Kyiv-based ezine Liga.net.