Today we are excited to announce the availability of the Intel 2020 Product Security Report. With a global pandemic, 2020 certainly was a challenging year, but how do you say our thoughts are with those who have been impacted when literally everyone has been impacted? Yet, as we have seen time and again, bad actors are willing to take advantage of pain and suffering through a myriad of new scams targeting those seeking relief. It is in times like these that we must be vigilant and unrelenting in our commitment to security and transparency.
The 2020 product security report provides the level of transparency our customers demand, and with 92% of the vulnerabilities we addressed being discovered as the direct result of our investment in security assurance, it demonstrates the capability and maturity of process they expect. Of the 231 vulnerabilities we published, 109, or 47%, were found by Intel employees through our ongoing security research.
Last year, we saw a 33% increase in submissions to our Bug Bounty program from lots of new researchers. The 105 bounty submissions represent 45% of the total CVEs addressed in 2020 and 86% of the reports from external research. Since we established our public Bug Bounty program in 2018, we have paid out an average of $800,000.00 per year! To all the security researchers out there, thank you for participating!
Read the full report HERE.
Sr. Director of Communications
Intel Product Assurance and Security