The project was initiated by Innostage CEO Aidar Guzairov.

tanjimajuha20 · Post by **tanjimajuha20** » Mon Jan 20, 2025 10:39 am

Innostage first publicly announced its intention to conduct a permanent open cyber testing program in the Bug Bounty format at the SOC Forum 2023 conference, which took place in mid-November 2023. As Ekaterina Syurtukova, Head of Innostage's Service Department, noted at the time, Bug Bounty, unlike penetration testing, is a continuous security enhancement tool that takes security to a new level and allows for a significant increase in the company's competitiveness.

He emphasized that a company vietnam whatsapp resource that wants to engage in projects in the field of effective cybersecurity should start with itself, thereby setting an example for customers and proving in practice its competence in this area, and Bug Bounty programs have proven themselves to be a reliable way to measure the effectiveness of information security in a company.

"Innostage is the first IT integrator that submits infrastructure for testing by the strongest hackers in this format. We are ready to pay specialists millions if they point out critical vulnerabilities," Aidar Guzairov emphasized. The reward for researchers, according to him, will be 5 million rubles, but then, as the scale of the project expands, it will grow. The first goal of the company, as Aidar Guzairov noted, will be to attract researchers from among "white hackers."

As noted by Innostage IT Products and Services Director Ruslan Suleimanov, the preparatory stage for the company's entry into cyber testing took nine months. During this time, as noted by the integrator's CDO, an audit was conducted, the target model of the IT infrastructure was developed and implemented, and personnel training was conducted in parallel. Moreover, as Ruslan Suleimanov specifically noted, all employees, including those not related to IT and IS specialists, completed the training program.

Innostage has chosen JSC "Kiberisspytaniya" and Positive Technologies as partners. The technical platform for Innostage's cyber tests will be Standoff Bug Bounty. As Ruslan Suleimanov noted, during Bug Bounty, researchers will be allowed to use any means except those that are criminally or administratively punishable.

Director of the Positive Technologies Information Security Expert Center Alexey Novikov called cyber testing a serious challenge, unlike pentests, which are limited in time and by the scope of certain services or resources. However, according to him, as soon as a company allocates a budget for information security, it is necessary to provide for the costs of checking its effectiveness, and cyber testing is the most effective and reliable method of such verification. Alexey Novikov also called the inclusion of the company's partners in the Bug Bony testing circuit a promising task, as they are often the weak link through which intruders penetrate the infrastructure of companies and government agencies, and information security contractors are no exception.

Vyacheslav Levin, CEO of JSC Cybertesting, called successful completion of Bug Bounty an important criterion for selecting partners and contractors. He expressed hope that such programs will become a market standard in the near future.