Overview
Explore the inner workings of GitHub's Bug Bounty program in this 26-minute conference talk from Security BSides San Francisco 2023. Gain valuable insights into the partnership between GitHub's Bug Bounty and PSIRT teams as they investigate security findings submitted by external researchers through the HackerOne bounty program. Follow the journey of a bug from triage to notification, understanding the roles of both teams and the full incident response process. Presenters Jeffrey Guerra and Caitlin Buckshaw walk you through a mock bug scenario, providing a comprehensive look at how GitHub handles security vulnerabilities reported by the community.
Syllabus
BSidesSF 2023 - Life of a Bug (an insight on the GitHub bounty... (Jeffrey Guerra, Caitlin Buckshaw)
Taught by
Security BSides San Francisco