【LINE】 Security Bug Bounty Program Migrates to HackerOne

2019.11.15 ALL

●LINE boosts its vulnerability reporting platform to provide safer and more secure services


TOKYO – November 15, 2019 – The LINE Security Bug Bounty Program—LINE Corporation's ("LINE") public reward program for reporting vulnerabilities in the LINE messaging app and related services—begins operating on the HackerOne platform today.


At LINE, a dedicated security team engages in all stages of the service development lifecycle—from planning and designing to implementation and release—verifying the security and safety of its services to eliminate possible design defects and implementation vulnerabilities. As an additional countermeasure to maintain service reliability, LINE uses internally developed data analysis systems that detect and deter possible account takeovers, spamming, and other service abuse. Furthermore, to ensure the safety of the messaging app, LINE's security team performs periodic security checks as well as regular penetration tests in cooperation with external security companies.


In these ways, LINE makes extensive efforts to maximize the safety and security of its services for its users by implementing a variety of security countermeasures—even leveraging external security talents and knowledge in addition to its own. One such effort is the LINE Security Bug Bounty Program, a public reward program which began operating on June 2, 2016 that rewards hackers for detecting and reporting vulnerabilities (known as bugs) in the LINE messaging app and its related services. As of November 12, 2019, the program has granted a cumulative total of USD 313,500 in rewards to 200 reports since launch.

■About LINE Security Bug Bounty Program https://bugbounty.linecorp.com/en/


Under the program, users have reported vulnerabilities up until now through LINE's own bug report platform. However, starting today, reports will only be accepted through the HackerOne bug report platform provided by the eponymous company in a move to provide users with a higher quality bug bounty program.

■Change to the Bug Report Platform for the LINE Security Bug Bounty Program https://linecorp.com/en/security/article/239 

Being a world-renowned vulnerability reporting platform, HackerOne will help to expand the LINE Security Bug Bounty Program's global outreach and engagement. As increasingly high-quality bug reports are received through HackerOne, LINE hopes to provide services that are even safer and more secure to its users.


LINE is dedicated to continuously improving the security of its services.


About HackerOne: 

HackerOne is the #1 hacker-powered pentest & bug bounty platform, helping organizations find and fix critical vulnerabilities before they can be exploited. More Fortune 500 and Forbes Global 1000 companiestrust HackerOne than any other hacker-powered security alternative. With over 1,600 customer programs,including The U.S. Department of Defense, General Motors, Google, Goldman Sachs, PayPal, Hyatt, Twitter, GitHub, Nintendo, Lufthansa, Microsoft, MINDEF Singapore, Panasonic Avionics, Qualcomm, Starbucks, Dropbox, Intel, HackerOne has helped to find over 140,000 vulnerabilities and award over $74M in bug bounties  to a growing community of over 550,000 hackers. HackerOne is headquartered in San Francisco with offices in London, New York, the Netherlands, France and Singapore.