Qualcomm announces launch of bounty program, offering up to $15,000 USD for the discovery of vulnerabilities

First Announced Vulnerability Rewards Program to be Offered by a Major Semiconductor Vendor; will be Administered by HackerOne

Qualcomm Incorporated (NASDAQ: QCOM) today announced that its subsidiary, Qualcomm Technologies, Inc. (QTI), is launching its vulnerability rewards program designed to expand collaboration with invited white hat hackers who improve the security of the Qualcomm® Snapdragon™ family of processors, LTE modems and related technologies. The program is the first of its kind to be announced by a major silicon vendor, and will be administered in collaboration with vulnerability coordination platform HackerOne, offering rewards of up to $15,000 USD per vulnerability as well as recognition in either the QTI Product Security or the CodeAuroraForum Hall of Fame, depending on the nature of the submission.

“We have always been proud of our collaborative relationship with the security research community. Over the years, researchers have helped us improve the security of our products by reporting vulnerabilities directly to us,” said Alex Gantman, vice president, engineering, Qualcomm Technologies, Inc. “Although the vast majority of security improvements in our products come from our internal efforts, a vulnerability rewards program represents a meaningful part of our broader security efforts.”

“The most security conscious organizations embrace the hacker community's critical role in a comprehensive security strategy,” said Alex Rice, chief technology officer, HackerOne. “With Qualcomm Technologies’ vulnerability rewards program they will continue to build vital relationships with the external security researcher community and supplement the great work their internal security team is doing.”

Over 40 security researchers who have made vulnerability disclosures in the past will be invited to initially participate. The program will be administered by HackerOne and participation details are available at https://qpsi.qualcomm.com/security/QVRP and hackerone.com/qualcomm.

The vulnerability rewards program is effective immediately.