Zoom shares 90-days progress report, promises its first transparency report later this year

Zoom in April put a 90-day feature freeze on new feature development after a massive increase in its user base due to the blockade revealing several security and privacy issues with the platform. Now, as the 90-day feature freeze ends, the video conference has shared a status report on the steps the company took to address those issues.

To remember, Zoom, while enacting a 90-day feature freeze, had announced a list of seven steps the company would take to fix flaws on its platform. This included sharing a transparency report and improving your bug bounty program, among other things. Now Zoom CEO Eric Yuan in a blog post announced that the company would announce its first transparency report later this year.

About the Bug Bounty program, the CEO of Zoom said the company had developed a central error repository that takes vulnerability reports from HackerOne, Bugcrowd and [email protected] The company has hired a Vulnerability & Bug Bounty Chief and several additional application engineers to fix flaws on its platform. It is also working with third party accessors for it.

In addition to his transparency report and bug rewards program, Yuan also said the company had worked with a group of outside experts, including CISO’s advisory board, Lea Kissner, Alex Stamos, Luta Security, Bishop Fox, Trail of Bits, NCC Group, Praetorian, Crowdstrike, Center for Democracy and Technology to review and make improvements to the company’s products, practices and policies. The company has also launched a CISO council comprising 36 CISOs from various industries to discuss various topics, such as regional data center selection, encryption, meeting authentication, and features like Inform a User, Passwords, and Waiting Rooms and suggest improvements over them.

Additionally, the company is working with third-party companies like Trail of Bits, NCC Group, and Bishop Fox to review the entire platform, including its APIs and data centers.

On the features front, the company has released Zoom 5.0 along with a ton of new security features like AES 256 GCM encryption, the waiting room, and limited screen sharing, among others. You are now working to add new security and risk management features to your platform. Lastly, the CEO of Zoom said he would continue to host the weekly webinars, which began April 1, through July 15, after which the company would move to monthly webinars.

“This period has brought about a significant change in our company and has made the security, privacy and security of our platform central to everything we do, as we strive to be worthy of the trust that customers place in us. … But we can’t and we won’t. Don’t stop here. Privacy and security are ongoing priorities for Zoom, and this 90-day period, while fruitful, was only a first step, “Zoom CEO said in a statement. .

Back to top button