



Intel Hardware

Processor (inclusive of micro-code ROM + updates)

Chipset

FPGA

Networking / Communication

Motherboard / System (e.g., Intel Compute Stick, NUC)

Solid State Drives

Intel Firmware

UEFI BIOS (Tiano core components for which Intel is the only named maintainer)

Intel® Management Engine

Baseboard Management Controller (BMC)

Motherboard / System (e.g., Intel Compute Stick)

Solid State Drives

Intel Software

Device driver

Application

Tool

If you have found a security bug in one of them you can mail them at secure@intel.com or report it at https://hackerone.com/intel





Following the release of the meltdown and spectre bug which is one of the most dangerous vulnerability till date, Intel has increased its bug bounty to $250,000.Rick Echevarria, the vice president of and the general manager of Platform security at Intel Corporation stated that "At Intel, we believe that working with security researchers is a crucial part of identifying and mitigating potential security issues in our products. Similar to other companies, one of the ways we’ve made this part of our operating model is through a bug bounty program. The Intel® Bug Bounty Program was launched in March 2017 to incentivize security researchers to collaborate with us to find and report potential vulnerabilities. This, in turn, helps us strengthen the security of our products, while also enabling a responsible and coordinated disclosure process."Updates to our program include:1) Shifting from an invitation-only program to a program that is open to all security researchers, significantly expanding the pool of eligible researchers.2) Offering a new program focused specifically on side channel vulnerabilities through Dec. 31, 2018. The award for disclosures under this program is up to $250,000.3) Raising bounty awards across the board, with awards of up to $100,000 for other areas.\The list of acceptable bugs is(as quoted from Intel's website)