YoVDO

Running a Bug Bounty Program - What You Need to Know

Offered By: OWASP Foundation via YouTube

Tags

Application Security Courses Cybersecurity Courses Ethical Hacking Courses Incident Response Courses Program Management Courses Reward Systems Courses Vulnerability Assessment Courses Security Testing Courses Vulnerability Management Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the intricacies of running a bug bounty program in this 46-minute conference talk from AppSecEU 2016 in Rome. Delve into the reasons behind implementing bug bounties, their value, and the key players involved. Learn about offering rewards, setting up basic resources and environments, managing access, and fostering teamwork. Gain insights on handling the program post-launch, including the importance of speed, distinguishing between good and bad reports, and implementing a rating taxonomy. Discover validation horror stories and success stories, and understand the significance of marketing in bug bounty programs. Conclude with a Q&A session to address specific concerns and queries.

Syllabus

Introduction
Grant McCracken
Bug bounties
Why
Who
Value
Running a bug bounty
Offering rewards
Its you vs them
Step 0 Basic resources
Environment
Shared Environments
Access
Teamwork
After the program goes live
Summary
Speed
Good and bad reports
Rating taxonomy
Why rating taxonomy is important
Validation horror stories
Success stories
Conclusion
Question
Marketing


Taught by

OWASP Foundation

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network