SECURITY SOLUTIONS TODAY11 Oct 2021
ZTE Corporation Partners with YesWeHack to Expand Bug Bounty
Views: 34

A fundamental factor in the telecommunications industry, cybersecurity has become even more critical with the deployment of 5G, which has resulted in increased potential attack surfaces and threat landscape with the introduction of new technologies, techniques and capabilities. In addition, the ability of 5G to support massive Internet of Things (IoT) connectivity introduces many times more devices connected to the network, presenting a wide-reaching and increased attack surface.

Addressing the increased vulnerabilities,YesWeHack, an European crowdsourced security platform, is partnering with Shenzhen-headquartered telecommunications provider ZTE Corporation to confront new security challenges brought by the 5G network commercialisation. Through its bug bounty platform, YesWeHack will invite over 30,000 global security researchers to secure ZTE’s products further and discover vulnerabilities typically missed in traditional security audits.

ZTE integrates its capabilities and expertise across handsets, mobile broadband, terminal chipset modules, and peripheral products to create a more intelligent 5G ecosystem. YesWeHack’s vast cybersecurity research community will help identify potential vulnerabilities in ZTE Products. This partnership highlights ZTE’s commitment to building a sound cybersecurity governance structure and creating an end-to-end security assurance mechanism for all product life cycle phases.

"Through openness and transparency, we try to give our customers confidence by letting them see what we do and how we provide end-to-end security," says Zhong Hong, Chief Security Officer at ZTE. "Our partnership with YesWeHack will help to enhance the security of ZTE’s products and confront new challenges brought by the 5G network commercialization," he added.

This bug bounty program for ZTE products will reward up to $2000 for critical bugs in several product categories such as 5G Common Core, 5G NR, Fixed Network, Multimedia, Cloud Video, Cloud Computing, Database management Systems and Terminal products.