Intel Bug Bounty Program

Collaborating with the Research Community

Product security is enhanced with more people looking. We have smart, talented engineers and researchers working internally—and we engage with some of the best and brightest external security researchers and academics across the globe to help us identify and mitigate security vulnerabilities in Intel products.

Our Bug Bounty Program encourages collaboration with the research community and incentivize researchers to report vulnerabilities in Intel products. Through the Bug Bounty program, Intel invites researchers to test specific targets, submit vulnerabilities, and get paid for their work. Intel’s Bug Bounty Program has grown and evolved significantly since launch in 2017, starting with a handful of select security researchers. In 2018, Intel moved to a Bug Bounty program available to all eligible members of the public and has now worked with over 250 researchers worldwide. In 2020, 105 of the 231 Common Vulnerabilities and Exposures (CVEs) Intel addressed were reported through the Bug Bounty program.

As with similar industry programs, the Intel Bug Bounty program is part of our broader Product Security Incident Response Team (PSIRT) program supporting our Coordinated Vulnerability Disclosure (CVD) process.

A Community for Elite Hackers

Project Circuit Breaker brings together ethical hackers and security researchers. Those who accept the challenge can hunt bugs in the latest software and hardware products through virtual and live hacking events. The targets are difficult, but every bug hunted leads to more secure products. Find out more here.

Watch video

How Bug Bounty Drives Enhanced Product Security

Program manager Chris Holt explains the key role external reports play in helping Intel maintain the security of our products and solutions.

Watch the video

Reporting a Security Vulnerability

If you believe you’ve found a security vulnerability in an Intel product or solution, please submit reports through the current provider: Intigriti.

To find out more about the program, see the Intel® Bug Bounty Program Terms.

Bug Bounty Process

Each security bug report is individually evaluated based on technical details to determine severity and next steps.

Assessment: PSIRT ensures that all requested information has been provided for Triage. See the Reporting a Vulnerability page for a list of required information.
Triage: A team of Intel product engineers and security experts determines if a vulnerability is valid and an eligible Intel product or technology is impacted.
Vulnerability severity determination: PSIRT works with product security engineers and security experts to determine the severity and impact of a vulnerability.

Awards range from $500 up to $100,000, based on quality of the report, impact of a potential vulnerability, severity, delivery and quality of a proof of concept, and type of vulnerability.

Bug Bounty Eligibility

The program covers eligible Intel branded products and technologies maintained and distributed by Intel.

For full details, see the full list of Intel® Bug Bounty Program Terms.

Incentive Programs

Intel added a bonus incentive to focus on firmware and hardware within some Pentium®, Celeron®, and Intel Atom® processors.

Learn more

More Information

Intel PSIRT Mission

Vulnerability Handling Processes

Intel Product Security Center

Industry Group Engagement

Select Your Language

Using Intel.com Search

Quick Links

Recent Searches

Advanced Search

Only search in