Lessons learned from running 95 bug bounty programs

Have you read the latest issue of our digital (IN)SECURE Magazine? If not, do it now.

Large companies such as Google and Facebook have dedicated teams that review bug submissions, verify valid bugs and reward security researchers, but that can be time and cost-prohibitive for most companies. Bugcrowd is making sure that every company can leverage the power of crowdsourced security.

In this podcast recorded at Black Hat USA 2014, Casey Ellis, Founder and CEO of Bugcrowd, talks about the lessons they’ve learned after running 95 bug bounty programs as well as the different types of researchers that take part in their programs.