Prozoro launches new vulnerability search project
Projoro launched the electronic public procurement system bug bounty vulnerability discovery program on 1 June. Currently, Prozoro is inviting independent auditors, the so-called “white” hackers, who discover vulnerabilities in the system.
Prozoro called white hacking “one of the most popular and effective ways to find vulnerabilities in IT systems”. Representatives of the system mentioned that large technology companies (Google, Facebook, Amazon and others) are actively using such programs, but this is not a characteristic of government agencies. “We are one of the first state-owned IT systems to launch a bug bounty vulnerability discovery program on an ongoing basis,” Prozoro said.
Prozoro Press Office
To search for vulnerabilities, participants have access to a testing environment and information to work with: a copy of the central database, official portal, the office of the Antimonopoly Committee of Ukraine, the Office of the State Audit Service, sites, bugabony Program and research are included for unlimited time.
The company mentioned that the entire program is in the legal field, as all work takes place in a pre-production environment (test environment). According to information on the project website, hackers are guaranteed legal protection, which is subject to the rules for participation in the program.
Paypal magazine help
In 2019, a public procurement law was passed that changed the way Prozoro worked. Among the changes: mandatory use of Projoro according to the new simplified procedure for purchasing from 50 thousand UAH; The introduction of a new device to deal with dumping (the system would uncover unusually low prices); Ability to reject offers from suppliers who have not previously met the terms of the contract, etc.
Read: Experts Appreciate Projoro Performance