Skip to main content

NordVPN maker has expanded its bug bounty program

Security Bug
(Image credit: Shutterstock)

Nord Security, the parent company of NordVPN, has officially launched a bug bounty program for its VPN service as well as for its password manager NordPass and its file encryption service NordLocker.

NordVPN first launched its bug bounty program back in December of 2019. However, as Nord Security's product family has expanded, the company has now extended the program to include NordPass and NordLocker.

TechRadar needs you!

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

Through its bug bounty program, Nord Security is giving ethical hackers the chance to discover potential security vulnerabilities, report them and earn monetary rewards. The company's CTO Marijus Briedis provided further insight on its bug bounty program in a press release, saying:

“Security is our number one priority in all of our products. Therefore, we want to engage as many expert penetration testers as we can. The Bug Bounty initiative allows us to utilize all the security talent available and empowers everyone in the community to help us build a safer online world.” 

Bug bounty program

Nord Security's bug bounty program is implemented via the HackerOne platform which helps connect businesses with penetration testers and security researchers around the world. In fact, many of the world's biggest brands including Starbucks, Sony and many others depend on the company's services for their own bug bounty programs.

“Nord Security uses a managed service from HackerOne, which helps us progress in better program design and bug management and provides us with additional support running our program from end to end”, added Briedis.

Nord Security and HackerOne plan to celebrate the program's launch by running a two-week event from March 31 to April 14 where ethical hackers will receive double the normal amount for finding high and critical vulnerabilities in NordVPN. However, only reports related to NordVPN's desktop and mobile apps will be considered eligible during the event.

While security researchers and ethical hackers can now earn bounties for finding vulnerabilities in NordVPN, NordPass and NordLocker, Nord Security's customers can rest easy knowing that their software is secure.