Bug Bounty Programs for Cybersecurity: Practices, Issues, and Recommendations
Date of Publication
1-1-2019 12:00 AM
Publication Date
May 14, 2019
Security Theme
Cybersecurity
Keywords
Cybersecurity, srhreports, cybersecurity, Bug-Bounty, Crowdsourcing, Cyber-Security, Hackers
Description
© 1984-2012 IEEE. Drawing upon crowdsourcing, bug bounty programs (BBPs) are entering the mainstream security practice in organizations. We analyze and recommend best practices in five main BBP areas: scoping of BBPs, timing of crowd engagement, submission quality, firm-researcher communication, and hacker motivation.
Bug Bounty Programs for Cybersecurity: Practices, Issues, and Recommendations
© 1984-2012 IEEE. Drawing upon crowdsourcing, bug bounty programs (BBPs) are entering the mainstream security practice in organizations. We analyze and recommend best practices in five main BBP areas: scoping of BBPs, timing of crowd engagement, submission quality, firm-researcher communication, and hacker motivation.