An Invitation to Hack - Benefits and Risks of Vulnerability Disclosure Programs

Explore the world of vulnerability disclosure programs and bug bounties in this 59-minute webinar featuring experts from Wiley Rein Privacy & Cybersecurity Practice and HackerOne. Gain insights into the benefits and legal considerations of these cybersecurity initiatives for both private sector companies and federal government agencies. Learn from real-world examples, including Project Zero, DoD Vulnerability Disclosure, and Starbucks' program. Understand the legal framework, consent issues, scope definition, and notification obligations. Discover how these programs can enhance security while navigating potential challenges. Benefit from practical advice to implement in your organization, and stay informed about government interest and FTC statements on the topic. Participate in a Q&A session starting at minute 44 to address specific concerns and deepen your understanding of vulnerability disclosure policies.

Introduction
Background Legal Framework
The Benefits
Real World Examples
Project Zero
DoD Vulnerability Disclosure
Starbucks Vulnerability Disclosure
Starbucks
Legal Framework
Considerations
Consent
Scope
Notification obligations
Takeaways
BDP Platform
Questions
Government Interest
FTC Statement