Offensive Security, a New York-based provider of cybersecurity training and certification, has announced a new bounty program for user generated content. Members of the information security community can now receive cash bounties for submitting vulnerable virtual machines to Offensive Security (OffSec) that are eligible to be incorporated into the Proving Grounds training labs.
Offensive Security is a provider of online penetration testing training and certification for information security professionals. The company’s hands-on training and certification programs, virtual labs and open-source projects provide practitioners with skills intended to help participants advance their careers and better protect their organizations.
“No matter how much training material you have consumed, the best way to demonstrate that you’ve acquired knowledge is to apply it,” said Ning Wang, CEO of Offensive Security. “By establishing this bounty program, OffSec is not only strengthening its training programs by incorporating the latest and greatest content from the community, we are offering people the chance to apply their knowledge by creating vulnerable machines and to get paid while doing it.”
With the new bounty program, members of the community can submit their exploitable applications through the company portal and receive various cash bounties depending on the quality of the vulnerable system. If the machine meets OffSec’s criteria, it is incorporated into the OffSec Proving Grounds labs programs, where they remain available for free through PG Play.
Similar to bug bounty programs, the OffSec User Generated Machines program operates on payment tiers whereby different rewards are offered depending on which criteria the machine meets.
The program provides an opportunity to make a contribution to the knowledge base for a potential fee, while further developing one’s skill level.