The new cyber-security program upgrades Ooredoo’s security practices by adding an extra layer of security testing to its regular vulnerability assessment and penetration testing. The programme entails inviting a global community of pre-registered ethical hackers and researchers to test its security, and report findings in return for a financial reward.
Sheikh Ali Bin Jabor Al Thani, Chief Executive Officer at Ooredoo Qatar said: “The launch of this new initiative demonstrates Ooredoo’s commitment to the provision of secure products and services to our customers, and to proactively addressing security vulnerabilities as soon as they are found in order to protect our customers, our employees and our business. The programme also enables us to ensure we meet our environmental and social responsibilities, as outlined in our corporate strategy.”
The telco leader has collaborated with the global Bug Bounty platform YesWeHack to define the rules of the program, including the scope of the test, the vulnerabilities that qualify for a reward and their value. If the vulnerability is considered valid, the researcher is rewarded based on the validity and criticality of the bug. Once fixed, the bug is checked again to ensure resolution.
The public Bug Bounty Program will be a permanent part of Ooredoo’s security provision.
Would you like to learn more about YesWeHack’s Bug Bounty solution?
Take the first step by scheduling a demo with one of our experienced crowdsourced security professionals who can provide valuable insights and help you discover how our platform can benefit your organisation.
Founded in 2015, YesWeHack is a global Bug Bounty and VDP Platform. YesWeHack offers companies an innovative approach to cybersecurity with Bug Bounty (pay-per-vulnerability discovered), connecting more than 45,000 cybersecurity experts (ethical hackers) across 170 countries with organisations to secure their exposed scopes and reporting vulnerabilities in their websites, mobile apps, infrastructure and connected devices.
YesWeHack runs private (invitation based only) programs and public programs for hundreds of organisations worldwide in compliance with the strictest European regulations.
In addition to the Bug Bounty platform, YesWeHack also offers: a creation and management solution for Vulnerability Disclosure Policy (VDP), a Pentest Management Platform, a learning platform for ethical hackers called Dojo and a training platform for educational institutions, YesWeHackEDU.