YoVDO

Tips on Building a World-Class Bug Bounty Program - Zenefits Red Team Insights

Offered By: HackerOne via YouTube

Tags

Cybersecurity Courses Red Team Courses Incident Response Courses Program Management Courses Vulnerability Management Courses

Course Description

Overview

Discover best practices for building a world-class bug bounty program from Mack Staples, Senior Manager of Zenefits' Red Team. Learn how to protect sensitive customer data, including PII and PHI, through effective security strategies. Explore tips on partnering with engineering teams, establishing communication mechanisms, and maintaining program quality. Gain insights into program scope, managing entry, researcher selection, and responsiveness. Understand how to keep your program interesting and address common challenges. Get practical advice on starting a new program, implementing security training, and responding to reports. This 52-minute webinar, hosted by HackerOne, offers valuable knowledge for organizations looking to enhance their cybersecurity efforts through bug bounty initiatives.

Syllabus

Intro
Macks Background
Plan for the Best Expect the Worst
Value of Partnering with Engineering and Development Teams
Mechanism for Communication
Maintaining a Good Program
Questions
Bonus Tips
Program Scope
Managing Entry
Rock Star
Which Researcher
Responsiveness
How do you respond to reports
How do you keep the program interesting
Questions for Mack
Starting a new program
Security training
Security training process
Wrap up


Taught by

HackerOne

Related Courses

Security Assessment and Testing
Packt via Coursera
Windows Red Team Exploitation Techniques | Red Team Series 3-13
Linode via Independent
PowerShell for Security Professionals
LinkedIn Learning
Assessing Red Team Post Exploitation Activity
Pluralsight
Privilege Escalation with UACMe
Pluralsight