Bug Bounty Programs - Successfully Controlling Complexity and Perpetual Temptation

OWASP Foundation via YouTube

Classroom Contents

  1. Introduction
  2. Panel
  3. Introductions
  4. How Many Companies Have Bug Bounty Programs
  5. First Payout for a Hacker
  6. Types of Bug Bounty Programs
  7. Limiting Your Scope
  8. Starting Private
  9. Static Code Analysis
  10. Private Program
  11. Private vs Public
  12. Most Effective Control
  13. Hybrids
  14. Lifecycle
  15. Global vs US
  16. Poorly defined scope
  17. In-house counsel
  18. Product development
  19. Legal IR
  20. Vulnerability database
  21. When researchers get paid
  22. Paying upfront
  23. Setting expectations
  24. Signing up for bugs that don't promise to pay
  25. Fixing security vulnerabilities
  26. Consistency
  27. Audience Question
  28. Public vs Private Disclosure
  29. Sharing
  30. False Negatives
  31. Benefits
  32. Legal Risks
  33. False Positive Rates
  34. Transferring Findings
  35. Payment Systems
  36. Payment Frameworks
  37. Ethical Behavior
  38. Ban Everyone
  39. Facebook Bounty
  40. Bitcoin Bounty
  41. Summary
