Intel is moving its bug bounty program from HackerOne to Intigriti. The company won’t say why it’s doing that, but vulnerabilities rewards will likely remain the same as the previous program.
Intel writes on its own bug bounty page that it will stop with HackerOne, the platform where it was one of the bigger players for years. The company will switch to Intigriti as its bug reporting platform from December 6. From that date, security researchers can pass on vulnerabilities there. Until December 13, this is also possible via the old HackerOne platform, but no new bug reports will be accepted after that date. Open reports are handled in December via HackerOne as well as via Intigriti. Security researchers must first log in to Intigriti before they can make a report.
Intel does not say why it will stop at HackerOne. The company also says nothing about changes to the program, but suggests that both the conditions and the rewards will remain the same as before. Rewards range from $500 for a low-level vulnerability in Intel software to $100,000 for a critical bug in hardware. In recent years, Intel has distributed $3.1 million between at least 141 hackers via HackerOne.