Recently, a member of the Securityium team discovered a vulnerability in the latest version of Arlo’s multi-function sensors and 24/7 professional monitoring products. Arlo, a company known for their complete protection solutions, has a cash rewards program that encourages and rewards contributions from developers and security researchers who help make their products more secure.
The team member’s discovery was within the scope of the Arlo Cash Rewards Program and was eligible for a monetary reward. Arlo also rewards Kudos points for submissions outside the scope of the program.
It’s worth noting that NETGEAR, the parent company of Arlo, also has their own Bug Bounty program. However, only vulnerabilities found in the latest version of Arlo’s products are eligible for the Arlo Cash Rewards Program.
Arlo encourages security researchers to include a statement about perceived impact to the company in their submission. This not only helps Arlo reproduce, rate, and reward findings in a timely manner, but it also improves the severity score of the finding.
Overall, Arlo values the efforts and contributions from the security research community and is committed to making their products as secure as possible. They encourage researchers to participate in their cash rewards program and kudos program to help improve the security of their products.
Link: Hall of Fame – Arlo Cash Rewards – Bugcrowd