Gray Hat Hacking The Ethical Hacker's Handbook, Fifth Edition, 5th Edition

CHAPTER 9 Bug Bounty Programs

This chapter unpacks the topic of bug bounty programs and presents both sides of the discussion—from a software vendor’s point of view and from a security researcher’s point of view. We discuss the topic of vulnerability disclosure at length, including a history of the trends that led up to the current state of bug bounty programs. For example, we discuss full public disclosure, from all points of view, allowing you to decide which approach to take. The types of bug bounty programs are also discussed, including corporate, government, private, public, and open source. We then investigate the Bugcrowd bug bounty platform, from the viewpoint of both a program owner (vendor) and a researcher. We also look at the interfaces ...

Get Gray Hat Hacking The Ethical Hacker's Handbook, Fifth Edition, 5th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Gray Hat Hacking The Ethical Hacker's Handbook, Fifth Edition, 5th Edition by Daniel Regalado, Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness, Branko Spasojevic, Ryan Linn, Stephen Sims

CHAPTER 9

Bug Bounty Programs

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly