Company joins the likes of Tesla and Google.
The company will be using the Bugcrowd platform which bills itself as a pioneer in crowdsourced security testing for enterprise companies. FCA hopes the platform will enable the company to identify potential security vulnerabilities and then implement fixes or mitigate the issue. The company says this will help to improve the safety and security of FCA models as well as "foster a spirit of transparency and cooperation within the cybersecurity community."
Bugcrowd will be responsible for paying contributors following the identification of a security vulnerability. The payout ranges from $150 to $1,500 USD and the reward is based on the criticality of the vulnerability as well as the number of users it impacts.
In a statement, FCA U.S. Senior Manager of Security Architecture said “We want to encourage independent security researchers to reach out to us and share what they’ve found so that we can fix potential vulnerabilities before they’re an issue for our consumers.” Titus Melnyk went on to say the program is preferable as it "ultimately benefits us all" as "exposing or publicizing vulnerabilities for the singular purpose of grabbing headlines or fame does little to protect the consumer."
Source: Fiat Chrysler Automobiles