Overview
Explore the limitations of narrow bug bounty and vulnerability disclosure program scopes in this 22-minute conference talk from Security BSides San Francisco. Discover why restricting hackers to small, limited-functionality applications can hinder the discovery of significant vulnerabilities. Learn how cybercriminals and adversaries continue to target organizations regardless of defined scopes, emphasizing the importance of comprehensive security approaches. Gain insights into improving bug bounty programs and vulnerability assessments to better protect against real-world threats.
Syllabus
BSidesSF 2023 - Hackers Don't Care About Scope (Ben Sadeghipour)
Taught by
Security BSides San Francisco