Byos Bug Bounty #2 - Hardwear.io HardPWN 2019

Our second Bug Bounty event took place at the Hardwear.io conference from Sept. 23-27 in The Hague, Netherlands, during the HardPWN Hacking contest.

Security Researchers were challenged to find vulnerabilities in a number of hardware devices. Alongside the Byos μGateway, devices from Nest, Google, the Noke HD Bluetooth Smart Padlock, and the MiniBrew Craft System were also available for testing.

Highlights from the participant list include:

Results

After our first Bug Bounty event in Las Vegas, there were eight vulnerabilities found in the Byos μGateway However, researchers were not able to find any at this event.

Since the first Bug Bounty event, our team has enhanced our SDLC practices, improving our internal development processes. We have also improved the existing features and added a number of new features to the product, resulting in a hardened product.

We were happy to see such an engaged crowd at Hardwear.io and are looking forward to the next one Bug Bounty. We have already begun planning our 2020 Bug Bounty program so stay tuned for more details!

We have compiled the results in a Technical White Paper.

 

NordVPN, TorGuard, and VikingVPN breached

Byos Bug Bounty - Vegas 2019