Microsoft and Facebook are now sponsoring security research through HackerOne, a bug bounty program that rewards hacks on important Internet technology with cash and non-profit donations.
Unlike other bug bounty programs, HackerOne encourages researchers to not only find vulnerabilities, but also to fix bugs or contribute significant security improvements. Google has launched a similar program. How will these programs influence security researchers?
Listen to episode 110 of our Security Slice podcast and hear Dwayne Melancon, Ken Westin, Craig Young and Tim Erlin discuss why these programs will help white hats, the legal pitfalls of non-vendor and third-party bug bounty programs, and how to quell the stigma associated with disclosing vulnerabilities.