The company plans to continue its multiprong approach to security, says Jerry Bryant, director of security communication in the Intel Platform Assurance and Security (PAS) group. Security isn t a one-time investment thing, he says. You have to think about it more broadly from good security development practices, baking that into the mindset across your company, investing in vulnerability management processes and the ongoing security research into your products, both prerelease and shipping.
The report highlights the growing importance of bug-bounty programs for application and software developers. Not even five years ago, many companies continued to debate the efficacy of bug-bounty programs, but most have come to value their relationships with external researchers.
Intel: Paid Research Caught More Than 90% of Our darkreading.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from darkreading.com Daily Mail and Mail on Sunday newspapers.
5 Big Takeaways From Intel’s 2020 Product Security Report
The semiconductor giant’s 2020 Product Security Report outlines how many vulnerabilities were uncovered by Intel versus external research, which product areas had the most vulnerabilities and how severe the issues were last year, among other things. By Dylan Martin March 03, 2021, 01:00 PM EST
Ever since the Spectre and Meltdown CPU vulnerabilities prompted a security reckoning for Intel in 2018, the chipmaker has been doubling down on investments in product security, which included the formation of the Intel Product Assurance and Security group as well as a bug bounty program.
Those investments have also included more public-facing communications, such as Intel’s 2020 Product Security Report, which came out Wednesday and outlines where the company found vulnerabilities in its products, how severe they were and how Intel worked with external researchers. None of the 231 vulnerabil