Video-sharing app partners with crowdsourced security platform


TikTok has expanded its existing security vulnerability disclosure program by launching a new partnership with HackerOne.

The popular video-sharing app announced a new public bug bounty program yesterday (October 15).

A statement reads: “Today, we are announcing the expansion of our existing vulnerability disclosure policy to a global public bug bounty program through a partnership with HackerOne, [which] has a strong track record across both government and business, including the US Department of Defense and General Motors.

“This partnership will help us to gain insight from the world’s top security researchers, academic scholars, and independent experts to better uncover potential threats and make our security defenses even stronger.”


Read more of the latest bug bounty program news


TikTok made the changes to coincide with National Cybersecurity Awareness Month, which kicked off in the US on October 1.

“Security is constantly evolving, and our team is committed to meeting the challenge head on,” the company said. “We will continue to build a safe and secure app for the TikTok community by investing in technology, people, and partnerships.”

Concerns

TikTok has come under fire in recent months due to concerns about its privacy and security.

Critics of the app claim the company is passing on data to the Chinese government. It has already been banned in India, and the US made a bid to stop it from being downloaded.

TikTok said in relation to the US move: “We want the 100 million Americans who love our platform because it is your home for expression, entertainment, and connection to know: TikTok has never, and will never, waver in our commitment to you.

“We prioritize your safety, security, and the trust of our community – always.”


RELATED Web security holes left TikTok users wide open to pwnage