From their origins in the recreational arena, Parrot has emerged as a major power in the commercial drone industry: making the government-approved, Blue sUAS list in the U.S. with it’s U.S.-manufactured ANAFI USA. Now, the launch of a Parrot bug bounty program with YesWeHack shows the company is making a point of data security, a critical feature for the enterprise, across all of their platforms.
YesWeHack is the first European crowdsourced security platform. “Through this partnership, Parrot benefits from YesWeHack’s vast community of cybersecurity researchers to identify potential vulnerabilities in its drones, mobile applications and WebServices,” says the announcement.
The Bug Bounty program will take place in two phases:
- The private programs will initially give exclusive access to selected security researchers and will include future Parrot drone models. The expertise and diverse skills of the researchers will confirm the high level of security of the products before they are marketed, for the greater benefit of Parrot users’ security and the protection of their data.
- After a first phase in a private Bug Bounty program, and after being commercialized, the products will enter a public program. Their security will then be scrutinized by the entire YesWeHack community, representing more than 22,000 cybersecurity researchers.
Parrot says that cybersecurity is a priority: they provide users with “full transparency on the security of their data.” A complete assessment conducted by Bishop Fox is published on its website. It’s a critical issue for all drone manufacturers now, as the industry has seen drone manufacturing giant DJI put on the defensive about data security after U.S. governement agencies expressed concerns about Chinese-manufactured technology.
Victor Vuillard, Chief Security Officer and CTO Cybersecurity of the Parrot Group, says “After the integration of cybersecurity from the initial design phase of Parrot drones, the Bug Bounty launched with YesWeHack completes the audits and brings an additional step of control. In the event of a flaw, YesWeHack’s community of cybersecurity researchers will detect it and allow Parrot to correct it, before real attackers can misuse it.”
“We are delighted to support Parrot in its commitment to the drone and user’s data security. The richness and diversity of the YesWeHack community offers the spectrum of skills required to cover the full range of perimeters, whether hardware or applications. The public Bug Bounty phase, which will take place in a second phase, will allow Parrot’s products to be confronted with the expertise of several thousand researchers, thus reinforcing its transparency in cybersecurity. “says Guillaume Vassault-Houlière, CEO of YesWeHack.