Whenever possible, Parrot uses standard protocol and file formats. There is no obfuscated code, nor hidden features. It allows the user to understand how Parrot products works and check their security. In addition, OpenFlight - the software used to control the drone - is Open Source: then, the users benefit from full control.
Back in April 2021, Parrot has launched a “Bug Bounty” program together with YesWeHack, the first European crowdsourced security platform. Through this partnership, Parrot benefits from YesWeHack's vast community of cybersecurity researchers to identify potential vulnerabilities in its drones, mobile applications and WebServices.
The Bug Bounty program takes place in two phases:
The private programs initially gives exclusive access to selected security researchers and includes future Parrot drone models. The expertise and diverse skills of the researchers will confirm the high level of security of the products before they are marketed, for the greater benefit of Parrot users' security and the protection of their data.
After this first phase in a private Bug Bounty program, and after being commercialized, the products enters a public program. Their security is then scrutinized by the entire YesWeHack community, representing more than 22,000 cybersecurity researchers.