Company
Date Published: July 16, 2024
Author: Michael Skelton, VP of Operations
Word count: 1175
Language: English
Hacker News points: None

Summary

The Bugcrowd Platform has released version 1.14 of its Vulnerability Response Tool (VRT), expanding on its commitment to AI security by adding a new category: Data Bias Vulnerabilities. This update aims to mitigate the risk of AI perpetuating social harm through bias and discrimination, aligning with government regulations such as Executive Order 14110 and the EU Artificial Intelligence Act. The new categories focus on representation bias, pre-existing bias, processing bias, aggregation bias, confirmation bias, systemic bias, context ignorance, and developer biases. Additionally, this update includes several new vulnerability types, including email verification bypass, missing subresource integrity, token leakage via referer, software package takeover, privilege escalation, and removed broken authentication and session management issues. The VRT continues to evolve as hackers, Bugcrowd Application Security Engineers, and customers contribute to its development through Issues and Pull Requests.