At first glance, the LinkedIn post from a UK based security researcher was unremarkable: a photo of vendor swag – a hat, iron-on patch and gym bag he received as a “thank you” for participating in the company’s bug bounty program and reporting software flaws in a company’s products.
Swag from John Deere was sent as a “thank you” for submitting vulnerabilities as part of the … [+]
Photo courtesy of Sai Ganesh
What was remarkable was the company logo on the swag: the distinctive yellow stag set against the bright green of agricultural equipment giant John Deere. A handwritten note to the researcher, Sai Ganesh (@ganiganeshss79), thanked him for his participation in Deere’s bug bounty program, which is hosted by the bug bounty platform HackerOne. It was signed “The John Deere Security Team.”
The Trustworthy Computing Memo Lands On The Farm
In 2021, such gestures are commonplace in the software industry. It has been 16 years since TippingPoint Technologies (now part of 3COM) launched its Zero Day Initiative – one of the first “cash for vulnerabilities” programs. In the intervening…
