huntr - The World's First Bug Bounty Platform for AI/ML
huntr stands out as the world's premier bug bounty platform specifically designed for AI/ML. It offers a centralized hub for security researchers to submit vulnerabilities, ensuring the safety and stability of AI/ML open-source applications, libraries, and ML model file formats.
The submission process is well-defined. Researchers can find and submit vulnerabilities using a secure form. The platform then contacts the maintainer and follows up every 7 days. The maintainer has 31 days to respond to the report; for high and critical reports, if no response is received within this period, huntr will manually resolve them within 14 days.
If a report is deemed valid by either the maintainer or huntr, the researcher is rewarded a bounty. Open source reports may also be awarded a CVE, and a fix bounty may be given to the maintainer for patching the vulnerability and merging the patch. Soon, researchers will be able to submit a patch and claim the fix bounty.
All open source vulnerability reports become public on day 90, although maintainers can request an extension if necessary. Informational or invalid open source reports are made public immediately, while reports related to Model File Formats are not disclosed publicly.
huntr is leading the way in MLSecOps and enhancing AI security, making it an essential tool in the field of AI/ML.
