Adobe expands partnership with ethical hackers for safe AI

Adobe is expanding its bug bounty program to secure their AI tools, Content Credentials and Firefly.

By
  • Storyboard18,
| May 2, 2024 , 1:00 pm
Acrobat is the first PDF solution to offer in-app generative image capabilities.(Image source: Moneycontrol)
Acrobat is the first PDF solution to offer in-app generative image capabilities.(Image source: Moneycontrol)

In a bid to promote safe AI (artificial intelligence) usage, Adobe announced the expansion of the Adobe bug bounty program to reward security researchers for discovering and responsibly disclosing bugs specific to their implementation of Content Credentials and Adobe Firefly.

“By fostering an open dialogue, we aim to encourage fresh ideas and perspectives while providing transparency and building trust,” said Adobe in a company blog.

Content Credentials are built on the C2PA open standard and serve as tamper-evident metadata that can be attached to digital content to provide transparency about their creation and editing process.

Content Credentials are currently integrated across popular Adobe applications such as Adobe Firefly, Photoshop, Lightroom and more.

“We are crowdsourcing security testing efforts for Content Credentials to reinforce the resilience of Adobe’s implementation against traditional risks and unique considerations that come with the provenance tool, such as the potential for intentional abuse of Content Credentials by incorrectly attaching them to the wrong asset,” the blog added.

The blog also highlights the importance to understand and mitigate the potential risks that can arise from the use of AI and the company’s ongoing commitment to advancing safe, secure, and trustworthy AI that includes transparency about the capabilities and limitations of large language models (LLMs).

“Adobe has long focused on establishing a strong foundation of cybersecurity, built on a culture of collaboration, enabled by talented professionals, strong partnerships, leading edge capabilities, and deep engineering prowess. We prioritize research and collaborating with the broader industry on preventing risks by responsibly developing and deploying AI,” read an excerpt from the blog.

The company has been long engaging with partners, standards organisations, and security researchers for to enhance the security of their products and the move to expand bug bounty program is another step taken in that direction.
“The skills and expertise of security researchers play a critical role in enhancing security and now can help combat the spread of misinformation,”said Dana Rao, executive vice president, general counsel and chief trust officer at Adobe.

“We are committed to working with the broader industry to help strengthen our Content Credentials implementation in Adobe Firefly and other flagship products to bring important issues to the forefront and encourage the development of responsible AI solutions,” Rao added.

“Building safe and secure AI products starts by engaging experts who know the most about this technology’s risks. The global ethical hacker community helps organisations not only identify weaknesses in generative AI but also define what those risks are,” said Dane Sherrets, senior solutions Architect at HackerOne.
HackerOne is a leading hacker-powered protest and bug bounty platform, helping organizations find and fix critical vulnerabilities before they can be exploited. Adobe Bug Bounty Program has been working with HackerOne for some time now.

Leave a comment