Intel Bounty Payment Update
Beginning in 2026, any new submission will be paid using CVSS V4. Additionally, Intel is evaluating enhanced bounty and bonus criteria to better reward researchers for valuable submissions, this may include bonuses for quality, variant research, and exceptional POC to name a few. As per Intel’s Program terms, Bounty award arrangements under this program, including the timing, bounty amount and form of payments, are at Intel’s sole discretion and will be made case-by-case. Intel will not be retroactively applying enhanced payments to previously submitted reports.
Featured Products
This is the latest set of Featured Product updates in our launch series. We hope you will continue searching for vulnerabilities in these and other Intel Services products, and participate in the Intel(R) Bug Bounty Program.
Happy Hacking,
Lady_N and the Intel PSIRT
| Product | ** Platform Security Services RIM Management Service ** |
|---|---|
| Location | https://rms-prod.intel.com |
| Location | https://rms-prev.intel.com |
| Description | The RIM Management Service (RMS) is a cloud-based service which provides the mechanisms for device, component, and platform manufacturers the ability to issue Reference Integrity Manifests. The service is designed to support the TCG Endorsement Architecture for Devices and support the CoRIM encoding structure. |
| Product | ** Platform Security Services Online Certificate Status Protocol Responder** |
|---|---|
| Location | https://ocsp-prod.intel.com |
| Location | https://ocsp-prev.intel.com |
| Description | The PSS OCSP service provides real-time certificate status information. It can support any Certificate Authority hosted by Intel Key Generation Facility (IKGF). When a customer wants to verify the status of certificate, it sends an OCSP request to our OCSP responder. The OCSP responder returns an OCSP response indicating the status of the certificate. If the certificate is still valid, the OCSP responder will return status as 'good'. |
| Product | ** Chip2Cloud ** |
|---|---|
| Location | https://endpointcloudservices.intel.com |
| Description | Enables ISVs to utilize top Intel AMT use cases in a modern, SaaS solution. |
| Product | ** Intel Trusted Connect Service (TSCore) ** |
|---|---|
| Location | https://ias.intel.com |
| Location | https://trustedservices.intel.com |
| Location | https://tsci.intel.com |
| Description | An umbrella of backend infrastructure, components and services for Provisioning and Attestation to Platforms based on Hardware Roots of Trust. |
| Product | ** Intel® AI Assistant Builder ** |
|---|---|
| Location | https://aibuilder.intel.com |
| Description | Intel(R) AI Assistant Builder is a Reference Design Platform enabling the rapid creation of custom AI assistants and agents. |
This is one of many Service products that is available for bounties.
Featured Products
This is the latest set of Featured Product updates in our launch series. We hope you will continue searching for vulnerabilities in these and other Intel Services products, and participate in the Intel(R) Bug Bounty Program.
Happy Hacking,
Lady_N and the Intel PSIRT
| Product | ** Intel® On Demand** |
|---|---|
| Location | https://api-portal.intelondemand.intel.com |
| Location | https://api.intelondemand.intel.com |
| Description | Intel On Demand is a service primarily managed by Intel® and hardware providers to enable select CPU-based features and capabilities. It is offered via two models: one-time license-based feature activation and metering-based consumption. |
| Product | ** Services for Intel hardware-based Trusted Execution Environments** |
|---|---|
| Location | https://api.portal.trustedservices.intel.com/ |
| Location | https://api.trustedservices.intel.com/ (API) |
| Documentation | https://api.portal.trustedservices.intel.com/content/documentation.html |
| Description | Intel provides both registration and provisioning services for selected Intel® Xeon® E processors and Intel® Xeon® Scalable processors (starting from 3rd generation). These services support both Intel® Software Guard Extensions (Intel® SGX) and Intel® Trust Domain Extension (Intel® TDX) services, providing the data and collateral to enable third-party remote attestation using the Elliptic Curve Digital Signature Algorithm (ECDSA). |
| Product | ** Intel Platform Design Studio** |
|---|---|
| Location | https://design-studio.intel.com/portal-frontend |
| Description | Intel PDS provides a series of services for customers to design and validate with Intel Architecture. Intel PDS Cloud is about evolving these services into and end-to-end, cloud-based design experience. |
| Product | ** Skylight Ridge Cloud API** |
|---|---|
| Location | https://api.s.telemetry.intel.com/ |
| Location | https://manage.s.telemetry.intel.com/ |
| Location | https://ingest.s.telemetry.intel.com/ |
| Description | The Skylight Ridge Cloud APIs are the way for in-field telemetry upload and ETL processing of the data. The APIs will also provide the ability for data retrieval, querying and insights generation. |
| Product | ** Intel® Tiber™ Trust Authority ** |
|---|---|
| Location | https://trustauthority.intel.com/ |
| Description | Intel Tiber Trust Authority is a zero-trust attestation service that provides customers with assurance that their apps and data are protected on the platform of their choice, including multiple cloud, sovereign clouds, edge, and on-premises environments. |
These are a few of the many Service products that are available for bounties.
Featured Products
This is the last set of Featured Products updates in our launch series. We hope you will continue searching for vulnerabilities in these and other Intel Services products, and participate in the Intel(R) Bug Bounty Program.
Happy Hacking,
flyingtoasters and the Intel PSIRT
| Product | Intel Product Compatibility Tool |
|---|---|
| Location | https://compatibleproducts.intel.com/ |
| Description | Website that allows external customers to get compatibility information for intel products. |
| Product | **Intel Assessment Portal ** |
|---|---|
| Location | https://assessmenttool.intel.com |
| Description | Submit and manage requests to Intel®, who will assess your systems by running a series of workloads. View the status and results of your request. |
| Product | Production Mark Forensics Tool |
|---|---|
| Location | *.pmft.intel.com |
| Description | PMFT is a smart client application used by Intel 3rd-party contracted Return Centers and Intel Warehouses to detect and identify fraudulent processors returned to Intel under the Warranty program. |
| Product | **Thunderbolt™ Image Builder ** |
|---|---|
| Location | *.thunderboltimagebuilder.intel.com |
| Description | Web application allowing customers (OEMs, ODMs) to easily customize their Thunderbolt images. |
| Note | Requires an existing Thunderbolt™ license agreement. |
These are a few of many Service products that is available for bounties.
Featured Products
| Product | Software Asset Manager |
|---|---|
| Location | https://api.intel.com |
| Description | Unified software update mechanism to keep intel software asset secure and up to date in timely and intel-controlled manner. |
| Product | Lantern Rock |
|---|---|
| Location | * analytics.intel.com |
| Location | *.telemetry.intel.com |
| Description | Lantern Rock provides a telemetry and analytics solution to Intel developed software. Instrument your software to gain insights into user behavior, trends and patterns. |
| Product | Neural Object Cloning |
|---|---|
| Location | *.neuralobjectcloning.api.intel.com |
| Location | https://github.com/intel-sandbox/gfxresearch.neural-reflectance-spaces |
| Description | Neural object cloning enables creating high-quality 3D assets using a simple API for everyone. Intel's innovative 3D reconstruction technology streamlines the creation of 3D content, making it as straightforward as recording a video with your phone. Read more: link |
These are a few of many Service products that is available for bounties.
Featured Products
| Product | Telemetry Based Validation |
|---|---|
| Location | https://crowdsource.tbvex.net |
| Description | Operational hosting for CSPV debug and triage used by TBV team. |
| Product | Endpoint Cloud Services |
|---|---|
| Location | vprofleet.intel.com |
| Description | Enable ISV/OEM partners through a set of API's to expand their product offering to include endpoint management and insight services. |
| Product | Intel Device Health |
|---|---|
| Location | *.endpointcloudservices.intel.com |
| Description | Intel® Device Health (IDH) is an innovative service from Intel providing IT up to date information on risks affecting their environments due to unpatched systems. The IDH service will initially be available as an integrated data feed within Aterntity’s Digital Experience Endpoint Management (DEM) Software. |
These are a few of many Service products that is available for bounties.
Featured Products
| Product | Intel Geti SaaS |
|---|---|
| Location | https://app.geti.intel.com/ |
| Location | https://www.intel.com/content/www/us/en/developer/tools/tiber/edge-platform/model-builder.html |
| Description | Intel Geti is a no-code SW application developed by Intel which enables subject matter experts (SME) to solve their problems using machine learning, without any prior machine learning experience. The application can be accessed by the customer either using an interactive web UI, or through an API. |
| Note | Intel Single-Sign On is used for the authentication is managed by Intel IT and not eligible for bounties. Any reports on Intel SSO sent to the Intel® Bug Bounty Program will be forwarded to external.security.research@intel.com on your behalf and closed as informative. |
This is one of many Service products that is available for bounties.
Featured Products
| Product | Intel Edge Software Hub |
|---|---|
| Location | *.edgesoftware.intel.com |
| Description | Download pre-validated software to learn, develop, and test your solutions for the edge. The Edge Software Hub is an online capability for ODMs and ISVs to generate install and validation scripts for various software components from Intel and third-party. See also link |
This is one of many Service products that is available for bounties.
Featured Products
| Product | Intel Quality Center |
|---|---|
| Location | https://www.qualitycenter.intel.com |
| Description | A web application that allows the automation of compliance testing and platform validation. |
This is one of many Service products that is available for bounties.
Featured Products
| Product | AI Software Catalog |
|---|---|
| Location | *.aiswcatalog.intel.com |
| Description | Choose from a broad range of solutions designed to simplify and accelerate your AI development timeline, from training and optimization to deployment. Our catalog includes specialized tools and frameworks optimized for RAG implementations, ensuring you have the resources needed to build cutting-edge AI applications that leverage the latest in retrieval-augmented generation technology. |
This is one of many Service products that is available for bounties.