012. An Intro: Is a bug bounty program right for your business?

In 2018 it was reported that there had been a 36% increase in total bug bounty payouts*, but does this mean this kind of security testing is best for your business? We take a look at the pros and cons of bug bounty programs and how it compares to penetration testing. Key points include: 1’13 A brief definition of penetration testing and bug bounties 1’53 How the costing works 3’05 The difference between a penetration test and a bug bounty 6’46 The difficulty with reporting bug bounties 7’42 The negatives and positives of the output of both pen testing and bug bounties 9’36 The time Uber was held to ransom by a bug hunter! 14’32 Summary * https://www.bugcrowd.com/resource/2018-state-of-bug-bounty-report/ Download on iTunes: apple.co/2Ji61Ek Listening time: 17 minutes For more information, follow us on Twitter @secarma or @secarmalabs or email us at [email protected] Hosted by: Holly Grace Williams, Technical Director at Secarma