This session will discuss bug bounty programs and alternative resolutions, as the topic of these programs is running rampant online. Being the expert cybersecurity witness for the USA in USA V. Sullivan, exposed many faults in these programs. What makes a legally compliant bounty program? Are alternatives such as tabletops more useful and less costly? How do you adequately screen a vendor?


RSAC 2023 brought together thousands of cybersecurity professionals for four incredible days of expert perspectives, groundbreaking innovation, and best practices. 

Bug Bounty: Keeping Hacks Ethical in 2022

Conference: RSA Conference 2023

Authors: David Cass, Daniel Garrie

Abstract

Post a comment

Related work

Bug Bounty Evolution: Not Your Grandson's Bug Bounty

The Open Threat Hunting Framework: Enabling Organizations to Build, Operationalize, and Scale Threat Hunting