Zabbix announces its public bug bounty program on HackerOne

February 22, 2023

Riga, Latvia – Zabbix, a universal enterprise-class open-source monitoring solution, launches a public bug bounty program in partnership with HackerOne, the number one ethical hacker-powered platform to discover potential security vulnerabilities. Hackers can now proactively search for and report Zabbix security vulnerabilities and get rewarded for issues that are found and validated.

Millions of people around the globe use Zabbix to monitor their IT infrastructure stack – from network monitoring to cloud infrastructures, microservices and applications. As part of an ongoing effort to secure every aspect of Zabbix, every new release goes through a rigorous internal testing process, and pre-release versions are rolled out for public evaluation on a regular basis. To further strengthen the product’s security, Zabbix has launched a public bug bounty program on HackerOne that will use ethical hacking to prevent potential security threats. HackerOne statistics for 2022 include over 65,000 discovered security vulnerabilities across various products, the trust of more than 1,200 organizations, and a hacker community of over 1 million members.

"We pride ourselves on developing and supporting Zabbix. Our product's top quality and security have always been our highest priorities. By partnering with HackerOne, we are taking the next logical step and involving the broader community of security leaders and ethical hackers to react to potential security issues even more proactively," says Zabbix CEO and founder Alexei Vladishev.

The Zabbix public bug bounty program enables hackers to contribute to the security of the product by discovering potential security vulnerabilities in different Zabbix components, such as Zabbix frontend, server, proxy, agent, API and other Zabbix processes. The program offers up to $3,000 as a reward for discovering and reporting a bug. More information can be found on the Zabbix bug bounty page.

About the Bug Bounty program

The bug bounty program allows organizations to collaborate with ethical hackers and offers them a reward (a bounty) for each valid security vulnerability they have discovered. In this way, these security issues can be safely resolved before they can be exploited. You can find out more about the program here.

About HackerOne

HackerOne was started by hackers and security leaders who are driven by a passion to make the internet safer. This platform is the industry standard for ethical hacking solutions. HackerOne partners with the global hacker community to surface the most relevant security issues of its customers before they can be exploited by criminals. Customers include The U.S. Department of Defense, Dropbox, General Motors, GitHub, Goldman Sachs, Google, Hyatt, Lufthansa, Microsoft, MINDEF Singapore, Nintendo, PayPal, Slack, Starbucks, Twitter, and Yahoo. In 2021, HackerOne was named as a ‘brand that matters’ by Fast Company.

About Zabbix Company

The Zabbix team's mission is to make a universal monitoring solution available and affordable for all. Zabbix LLC develops open-source software for monitoring the whole IT stack in infrastructures of any size, both on-premises and in the cloud. Apart from that, the company offers a wide range of professional services designed to fit every customer's unique business demand, including implementation, integration, custom development, and consulting services, as well as various training programs. The first Zabbix version was released in 2001. Zabbix LLC was established in 2005 with the aim of providing expert technical support services. The Zabbix user base includes governmental institutions of different countries along with some of the world's biggest telco, finance, educational, retail, and healthcare companies. Many of them are included in the Fortune 500 list.

See Zabbix security policy.
