YoVDO

Running a Bug Bounty Program - What You Need to Know

Offered By: OWASP Foundation via YouTube

Tags

Application Security Courses Cybersecurity Courses Ethical Hacking Courses Incident Response Courses Program Management Courses Reward Systems Courses Vulnerability Assessment Courses Security Testing Courses Vulnerability Management Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the intricacies of running a bug bounty program in this 46-minute conference talk from AppSecEU 2016 in Rome. Delve into the reasons behind implementing bug bounties, their value, and the key players involved. Learn about offering rewards, setting up basic resources and environments, managing access, and fostering teamwork. Gain insights on handling the program post-launch, including the importance of speed, distinguishing between good and bad reports, and implementing a rating taxonomy. Discover validation horror stories and success stories, and understand the significance of marketing in bug bounty programs. Conclude with a Q&A session to address specific concerns and queries.

Syllabus

Introduction
Grant McCracken
Bug bounties
Why
Who
Value
Running a bug bounty
Offering rewards
Its you vs them
Step 0 Basic resources
Environment
Shared Environments
Access
Teamwork
After the program goes live
Summary
Speed
Good and bad reports
Rating taxonomy
Why rating taxonomy is important
Validation horror stories
Success stories
Conclusion
Question
Marketing


Taught by

OWASP Foundation

Related Courses

Careers in Media Technology
Stanford University via Kadenze Evidence-Based Project Management
Australian National University via edX Health in Complex Humanitarian Emergencies
Emory University via Coursera Strategic Applications of IT Project & Program Management
University of Washington via edX Agile Process, Project, and Program Controls
University System of Maryland via edX