Crypto.com is paying up to $2 million in “rewards” for individuals who uncover security violations. The bug bounty program, which is being managed in partnership with HackerOne, is said to be the largest ever on the platform.
Kris Marszalek, CEO of Crypto.com, says that as they continue to grow, it is critically important that they provide security and compliance, and they are “setting a new bar” in their efforts.
“When you operate a global app serving more than 100 million customers, finding critical security gaps before bad actors do is essential to system integrity and customer trust,” says Kara Sprague, CEO of HackerOne. “This record-breaking bounty reflects the significant emphasis Crypto.com puts on consumer protection and their appreciation of the value the ethical hacking community can provide.”
Jason Lau, Chief Information Security Officer of Crypto.com sats they have always partnered with the ethical hacking community and deepening their relationship with HackerOne underscores our commitment to enhancing safeguards and consumer protection.
Crypto.com notes that it is the first virtual asset platform to achieve multiple certifications across all platforms, including SOC2 Type 2, PCI DSS 4.0, ISO 27017 and ISO 27019 for cloud security and privacy certifications in 2023, ISO 22301 for Business Continuity Management in 2021, ISO 27701 for Privacy Information Management System in 2020, and ISO 27001 for Information Security Management Systems in 2019, and more.