Lessons learned from running 95 bug bounty programs
by Mirko Zorz - Editor in Chief - Wednesday, 3 September 2014.
Large companies such as Google and Facebook have dedicated teams that review bug submissions, verify valid bugs and reward security researchers, but that can be time- and cost-prohibitive for most companies. Bugcrowd is making sure that every company can leverage the power of crowdsourced security.
In this podcast recorded at Black Hat USA 2014, Casey Ellis, Founder and CEO of Bugcrowd, talks about the lessons they've learned after running 95 bug bounty programs as well as the different types of researchers that take part in their programs.