Ready, Set — Hack! Update
Two months after opening a security bounty, an update.
Security is a top priority for us and that is why, in collaboration with Intigriti, we allow several ethical hackers to dive deep into the security-related aspects of Arkane. Two months have passed since we’ve opened the bug bounty program to the public. All ethical hackers were invited to hack away and help detect undiscovered security issues. Here an overview of the current findings.
53 bug reports have been filled out of which 9 has been considered valid, all of which have been addressed within a few days after reporting them.
Of the 9 accepted vulnerabilities, 8 had a low impact and 1 medium. So far no High, Critical or Exceptional issues have been found. None of them jeopardized users funds.
We still have 91% of our bug bounty budget available for future bugs and plan to keep the bug bounty open for several months.
For those that are unfamiliar with Intigriti, they are a crowdsourced security platform where security researchers and companies meet. As an ethical hacking and bug bounty platform, they aim to identify and tackle vulnerabilities in a cost-efficient way.