As a part of an ongoing effort to secure every aspect of Zabbix, every new release goes through a rigorous internal testing process and pre-release versions are rolled out for public evaluation on a regular basis. To further strengthen the product’s security Zabbix has launched a public bug bounty program on HackerOne that will use ethical hacking to prevent potential security threats. HackerOne statistics for 2022 include over 65,000 discovered security vulnerabilities across various products, the trust of more than 1,200 organizations, and a hacker community of over 1 million members.

"We pride ourselves on developing and supporting Zabbix. Our product's top quality and security have always been our highest priorities. By partnering with HackerOne, we are taking the next logical step and involving the broader community of security leaders and ethical hackers to react to potential security issues even more proactively," says Zabbix CEO and founder Alexei Vladishev.

Zabbix public bug bounty program enables hackers to contribute to the security of the product by discovering potential security vulnerabilities in different Zabbix components, such as Zabbix frontend, server, proxy, agent, API and other Zabbix processes. The program offers up to $3,000 as a reward for discovering and reporting a bug. More information can be found on the Zabbix bug bounty page below.

Zabbix bug bounty page on HackerOne: https://hackerone.com/zabbix
Read the Zabbix press release: https://www.zabbix.com/pr/pr439
Zabbix Security Policy page: https://www.zabbix.com/zabbix_security_policy
​