Intel is expanding its Bug Bounty program with Project Circuit Breaker, bringing together a community of elite hackers to hunt bugs in firmware, hypervisors, GPUs, chipsets and more.
Project Circuit Breaker broadens and deepens Intel’s existing open Bug Bounty program by hosting targeted time-boxed events on specific new platforms and technologies, providing training and creating opportunities for more hands-on collaboration with Intel engineers.
Project Circuit Breaker’s first event, Camping with Tigers, is already underway with a group of 20 researchers who received systems with Intel Core i7 processors (formerly “Tiger Lake”).
“Project Circuit Breaker is possible thanks to our cutting-edge research community,” says Katie Noble, director: Intel product security incident response team (PSIRT) and Bug Bounty. “This program is part of our effort to meet security researchers where they are and create more meaningful engagement.
“We invest in and host bug bounty programs because they attract new perspectives on how to challenge emerging security threats – and Project Circuit Breaker is the next step in collaborating with researchers to strengthen the industry’s security assurance practices, especially when it comes to hardware.
“We look forward to seeing how the program will evolve and to introducing new voices to the meaningful work that we do.”
Through Project Circuit Breaker, Intel is creating a community dedicated to offering training to security researchers, exciting new hacking challenges and opportunities to explore at unprecedented levels with new and pre-release products, as well as new collaborations with Intel hardware and software engineers.
Camping with Tigers launched in December and will end in May, with bounty multipliers being offered at three milestones for eligible vulnerabilities.
“Bug bounty programs are a powerful tool to continuously improve the security of our products,” says Tom Garrison, vice-president and GM: client security strategy and initiatives at Intel.
“Camping with Tigers – our first event under Project Circuit Breaker – brings together world-class security researchers and our own product engineers to deepen testing and improve resiliency on our 11th Gen Intel Core processors.
“As we aim to develop the most comprehensive security features, we also realize the incredible value of deeper collaborations with the community to identify potential vulnerabilities and mitigate them for the ongoing improvement of our products.”
Project Circuit Breaker will supplement Intel’s existing open Bug Bounty program, which rewards researchers for original vulnerability findings on any eligible branded products and technologies. This program helps Intel to identify, mitigate and disclose vulnerabilities; in 2021, 97 of 113 externally found vulnerabilities were reported through Intel’s Bug Bounty program.