Best Practices for Structuring Effective Bug Bounty Programs

Offered By: OWASP Foundation via YouTube

Course Description

Overview

Explore the world of bug bounty programs in this 55-minute conference talk from AppSecUSA 2016. Delve into the evolution, structure, and best practices of these valuable vulnerability identification tools. Learn about the Department of Defense's first authorized bug bounty program and how vendors are reevaluating their approach. Address key concerns such as controlling bug hunters, security and privacy issues, contractual matters, handling rogue hackers, and liability and compliance considerations. Gain insights from industry experts Jim Denaro and Casey Ellis as they discuss effective program structuring, offensive and defensive applications of intellectual property, and the scalability of bug bounty initiatives. Understand the rewards and risks associated with these programs, and discover how they're reshaping the landscape of cybersecurity.

Syllabus

Intro
Introductions
Outline
Shark analogy
The reward
The risk
Survey results
Bug bounty evolution
Scale
Brief
Scope
Budgeting
Legal
Rogue Hacking
Questions
Offensive vs Defensive
Trust


Taught by

OWASP Foundation
