The national chamber of entrepreneurs


«Atameken» invites IT-developers to discuss information security

8873 просмотров

Today, the issue became of urgent need, requiring attention and the introduction of proven techniques, technologies and their approbation. The main point is the prevention of risks, not the elimination of the consequences.

To solve the problem, the National Chamber of Entrepreneurs "Atameken" initiates the introduction of the principles of notification, publication and interaction with developers on detectable vulnerabilities, based on the Bug Bounty international principles.

To date, the two largest associations in the field of information security, the Center for Analysis and Investigation of Cyberattacks ALE and the Kazakhstani Association for Information Security are actively interacting with the Committee on Information and Communication Technologies, Education and Innovation of the National Chamber. The process of accreditation of these associations was moved to the Committee.

What is Bug Bounty?

This is a program which allows developers to get recognition or reward for finding errors. This is kind of stimulant for "white" hackers to find vulnerabilities, and for companies it will become a tool for information security policy managing.

The scheme of actions is approximately as follows: the company displays or announces the release of a new product or service. An IT specialist identifies and/or does not identify vulnerability, and reports the company.

The removal of the vulnerability before the launch of the product or service will be the advantage for the company and ensuring business reputation as a consequence.

"The use of these principles will help consolidate and channel the efforts of developers of domestic IT products with information security specialists in a regulated way, thereby significantly improving their quality," - the National Chamber believes.

For further comprehensive study, it is planned to discuss the proposed Bug Bounty principles with all interested parties on September 27, 2018 on the Atameken site with the connection of regions in the selector mode.

Please, join our Telegram channel to stay up to date on the latest news.
