What are bug bounty programs?
In this hunting edition of the Exploring Information Security podcast, Keith Hoodlet of Bugcrowd joins me to discuss bug bounty programs.
Keith (@andMYhacks), is a solutions architect at Bugcrowd. He's also the co-host of Application Security Weekly. While Keith works at Bugcrowd, he also has a lot of experience participating in bug bounty programs. Check out his website AttackDriven.io.
In this episode we discuss:
What are bug bounty programs?
Who are security researchers.
Who is running the bug bounty program?
When should an organization implement a program.
More resources:
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws by Dafydd Stuttard and Marcus Pinto
Your browser doesn't support HTML5 audio