Bug Bounty Practice Gains Russian Accent

tanjimajuha20 · Post by **tanjimajuha20** » Mon Jan 27, 2025 6:46 am

uring the International Forum "IT Dialogue 2022", the bug bounty topic was raised at several sessions at once. During the panel discussion "New Era in Information Security", Deputy Governor, Minister of Digital Development of the Kaluga Region Dmitry Razumovsky proposed creating a single state bug bounty platform that could be used by regional authorities. However, regional ministries of digitalization generally cannot create various kinds of cyber polygons and sandboxes on their own. Moreover, the costs of maintaining information security are not compensated from the federal budget, while the costs of implementing IT are included in various federal programs.

Vice-Governor of St. Petersburg germany cell phone number listStanislav Kazarin noted that IT systems are becoming increasingly complex and regulators are late in setting requirements for their protection. This is a completely natural process, and it is no longer possible to use a protective approach in the current conditions.

At the same time, according to the Positive Technologies research group, 65% of applications are vulnerable. Eliminating these security problems using a traditional approach in a reasonable time frame and at an acceptable cost is often impossible.

Read also

As regulatory barriers are removed, domestic companies will increase the scale of their use of Russian Bug Bounty platforms many times over. However, until February of this year, most domestic companies used foreign Bug Bounty platforms, and attempts to create Russian ones were unsuccessful.

During the session of the section "Cybersecurity: from concept to reality", the participants of the discussion, including Deputy Prime Minister, Minister of Informatization, Communications and Open Governance of the Tula Region Yaroslav Rakov, Minister of Digital Development of the Udmurt Republic Timur Medzhitov, Deputy Head - Head of the Department of Informatization and Information Protection of the Administration of the Head of the Republic of Karelia Natalya Nikolskaya and Head of the Information Security Department of the Ministry of Digital Development and Communications of the Orenburg Region Mikhail Shlyapnikov proposed giving preferences to products from the Register of Domestic Software, the developers of which have completed the bug bounty program. This proposal was born during the answer to the question of the moderator of the discussion, information security expert of Positive Technologies Alexey Lukatsky about the readiness to participate in such programs after the federal Ministry of Digital Development publicly announced its plan to test the government services portal using a bug bounty before the end of this year.