DJI Doubles Bug Bounty Rewards

Identify high-risk and critical server vulnerabilities to earn double rewards for the rest of the year

By Ishveena Singh Ishveena Singh
November 24, 2020

DJI, the only drone manufacturer in the world to have initiated a Bug Bounty Program, is doubling down on IT security efforts with a special bug bounty incentive. For the rest of this year, security researchers can earn double the maximum payouts possible (up to $10,000) via the DJI Bug Bounty Program. 

The DJI Bug Bounty Program

DJI launched its Bug Bounty Program toward the end of 2017 as part of an expanded commitment to work with the research community to proactively discover, disclose, and remediate issues that could affect the security of DJI’s products, applications, and servers. The bounty, thus far, has paid out tens of thousands of dollars to over one hundred researchers.

DJI raised the bounties for server vulnerabilities after noticing that the rate of payouts for server bug vulnerabilities had fallen since 2018. We wanted security researchers to keep finding those bugs, and doubling the size of rewards is a way to focus attention on them. We hope this effort will result in more reports submitted, more server bugs found and remediated, and larger payouts for researchers.

Earning and keeping the trust of our users is a top priority and a close partnership with security researchers allows us to stay ahead of a new generation of hacking tools and at the forefront of consumer data privacy and protection. This is why we are offering higher bounty payouts to qualified DJI contributors who report critical or high-severity server vulnerabilities to us in accordance with the DJI Vulnerabilities Rating Guidelines.

Bug Bounty Server TableVulnerabilities Eligible for Double Rewards under DJI Bug Bounty Program

The bounty range for high-risk issues has been increased to up to $2,000 and reporting a critical server bug could help you earn up to $10,000. If you so consent, your unique contribution will also be recognized on the DJI Security Contributors Wall of Fame and/or in other media.

How to report a bug

The process of reporting a bug is pretty straightforward. You will need to create a testing account here to submit your findings in the given reporting template. While we may contact you to confirm the details of your discoveries, a detailed description of the bugs or vulnerabilities will help us to reproduce the issues and fix them exigently. Please remember we take every report seriously and diligently investigate each vulnerability to address it in a reasonable period of time.

Bug Bounty ProcessHow DJI Bug Bounty Process Works

An Ongoing Commitment To Cybersecurity and Data Privacy

The DJI Bug Bounty initiative supplements the other powerful measures that we routinely take to bolster data security, customer privacy, and airspace safety, including ensuring that all new products and app software undergo a stringent multistep internal review process.

DJI customers control their data. They alone determine whether to share any of their photos, videos or flight logs with anyone else. Neither DJI nor anyone else can access that data unless customers share it with us, and DJI’s Local Data Mode provides a further level of security by shutting all Internet data transmission from the drone. You can learn more about how to protect your drone data at this link

DJI’s data security has been independently examined and validated by a wide range of  independent reviews. Some are from US federal agencies such as the National Oceanic and Atmospheric Administration, Department of Interior, and Department of Homeland Security. Additional studies by cybersecurity firms Kivu Consulting, Booz Allen Hamilton, and FTI Consulting have found no evidence of any unexpected data transmission from DJI drones. For a greater view into our security protocols and audit reports, visit the DJI Security Response Center.

But remember, you can take advantage of our special bug bounty incentive only until Dec. 31, 2020. Grab full details of the DJI Bug Bounty Program Policy here and act quickly to reap double the rewards! 

 
Share on Social Media:

Tags: Drone Ecosystem

System Security White Paper Mobile CTA

To stay in touch and receive ebooks, resources, and product updates, subscribe to our newsletter.

Ishveena Singh
About the Author Ishveena Singh

Ishveena Singh (she/her) is a multi-platform journalist and writer whose articles on drones and geospatial technologies have appeared in Geospatial World, GeoConnexion, MapScaping, Fluid Handling International, Women Who Drone, Geoawesomeness, and many other publications. Currently, she contributes regular news, case studies, and feature pieces to DroneDJ.com.

Before turning to the world of drones, Ishveena spent nearly a decade writing and editing for newspapers and media websites including The Times of India, Microsoft’s MSN News, Miami Herald International, and Daily Post India.

Ishveena has been named as one of the 50 Rising Stars of the geospatial industry by Geospatial Media and Communications, the creators of Geospatial World Forum and GeoBuiz Summit.

Related articles

Recent Posts

BVLOS

Detailed Overview of North America BVLOS Regulations for Remote Drone Operations

Beyond Visual Line of Sight (BVLOS) operations marked a significant evolution in the drone industry within North America. Understanding these regulations is crucial for ensuring safe and compliant...
Read More
EU Drone Regulations Made Easy: DJI Dock 2 Compliance Guide

Policy & Regulations | Dock 2 | BVLOS | BVOLS

EU Drone Regulations Made Easy: DJI Dock 2 Compliance Guide

The rapid evolution of drone technology is pushing the boundaries of what is possible in various sectors, including construction, asset management, and environmental monitoring. Among the...
Read More

Drone Ecosystem | Product Innovation

Introducing 4G Connection for Drones with DJI Cellular Dongle

In today's rapidly advancing technological landscape, drone operators are looking to increase their ability to fly drone operations by diversifying their missions while simultaneously enhancing...
Read More

Software Update | FlightHub 2

DJI FlightHub 2: Virtual Cockpit Now Available

DJI is introducing new software updates to FlightHub 2 to enhance user experience. Read along as we explore how these updates can benefit drone users across all industries.
Read More