Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Critical Vulnerabilities and Bug Bounty Programs

Bugcrowd via YouTube

Overview

Explore critical vulnerabilities uncovered through bug bounty programs in this Black Hat 2015 presentation by Kymberlee Price. Gain insights into the impact of these vulnerabilities on customers, learn about notable bug bounty programs like Google's Vulnerability Reward Program and Microsoft's Bounty Program, and understand the state of bug bounty reporting. Examine specific bugs and vulnerabilities, including detailed breakdowns and their significance. Discover strategies for collecting essential information, reducing noise in bug reports, and effectively communicating priorities. Evaluate the value of bug bounty programs and their role in vulnerability disclosures. Engage with real-world examples from major tech companies and learn how to improve your own bug hunting and reporting skills.

Syllabus

Introduction
Google Vulnerability Reward Program
Microsoft Bounty Program
State of Bug Bounty Report
Specific Bugs
Peter
Smartsheet
The Bug
Another Vulnerability
Vulnerability Overview
Collecting the Right Information
Example from Facebook
How to reduce noise
Scope documentation
Communicating priorities
Is it worth the hassle
Reducing noise
Vulnerability disclosures
Call to action
Questions

Taught by

Bugcrowd

Reviews

Start your review of Critical Vulnerabilities and Bug Bounty Programs

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.