Explore the evolution of bug bounty programs in this 38-minute Black Hat conference talk. Delve into the history of bug bounties, from their inception to the game-changing "Hack The Pentagon" initiative in 2016. Examine the myths and realities of competing with the offense market, and consider alternative solutions for ethical hackers. Analyze the effectiveness of modern bug bounty programs over the past decade, and discover potential future directions for hackers, organizations, and the security industry. Learn about vulnerability coordination maturity models, organizational commitment, labor laws, and big payouts. Gain insights into metrics, vulnerability handling, and the potential of cybersecurity apprenticeships in shaping the future of bug bounty programs.
Bug Bounty Evolution - Not Your Grandson's Bug Bounty
Overview
Syllabus
Intro
The Parable of the Long Spoon
History of Bug Bounty
Vulnerability Coordination maturity model
Organizational commitment
Labor laws
Big payouts
Whats next
Metrics
Vulnerability Handling
Cybersecurity Apprenticeships
Conclusion
Taught by
Black Hat
Related Courses
-
We Hacked The Planet - Now What?
-
Security Evolution - Bug Bounty Programs for Web Applications
-
Fad or Future - Getting Past the Bug Bounty Hype
-
Does Public Disclosure of Vulnerabilities Affect Hacker Participation in Bug Bounty Programs?
-
Bug Bounty Conspiracy and 50 Shades of Gray Hat - Who Owns the Vulnerability?
-
Bug Bounties - Relationship Advice for the Hunters and the Hunted
