Intel Corp. today expanded its bug bounty program with a new offering that brings together a community of elite hackers to reshape vulnerability management.

The new Project Circuit Breaker brings together hackers to hunt for bugs in firmware, hypervisors, graphics processing units, chips and more. Expanding on Intel’s existing bug bounty program that opened to all in 2018, Project Circuit Breaker will host targeted time-boxed events on specific new platforms and technologies, provide training and create opportunities for more hands-on collaboration with Intel engineers.

Project Circuit Breaker aims to create a more diverse and unified security community that is better prepared to address the industry’s most significant security concerns. By delivering new challenges, training and unprecedented access to early products and Intel engineers, Intel argues, the project will focus the talents of the community toward areas of high impact.

“This program is part of our effort to meet security researchers where they are and create more meaningful engagement,” Katie Noble, director of the Intel Product Security Incident Response Team and Bug Bounty, said in a statement. “We invest in and host bug bounty programs because they attract new perspectives on how to challenge emerging security threats – and Project Circuit Breaker is the next step in collaborating with researchers to strengthen the industry’s security assurance practices, especially when it comes to hardware.”

Project Circuit Breaker’s first event, Camping with Tigers, is already underway with a group of 20 researchers who received systems with Intel Core i7 processors. The event, which runs to May, offers bounty multipliers at three milestones for eligible vulnerabilities.

“Camping with Tigers – our first event under Project Circuit Breaker – brings together world-class security researchers and our own product engineers to deepen testing and improve resiliency on our 11th Gen Intel Core processors,” explained Tom Garrison, vice president and general manager of Client Security Strategy & Initiatives at Intel. “As we aim to develop the most comprehensive security features, we also realize the incredible value of deeper collaborations with the community to identify potential vulnerabilities and mitigate them for the ongoing improvement of our products.”

Project Circuit Breaker will complement Intel’s existing bug bounty program, which rewards researchers for original vulnerability findings. In 2021, 97 of 113 externally found vulnerabilities within Intel products were reported through the Intel Bug Bounty program.

Intel’s commitment to security includes the Intel Hardware Security Academic Award program, which awards top innovators for novel research with meaningful impact on the industry. Intel’s security experts also contribute to the Bug Bounty Community of Interest, a forum for vendors, bug bounty managers and security researchers, and FIRST, the Forum of Incident Response and Security Teams.

Photo: huangjiahui/Flickr