Getting Started with Vulnerability Disclosure and Bug Bounty Programs
Author(s): Cristian PASCARIU
Subject(s): Security and defense, ICT Information and Communications Technologies
Published by: Asociatia Romana pentru Asigurarea Securitatii Informatiei
Keywords: Bug Bounty; Vulnerability Disclosure; Crowdsourcing
Summary/Abstract: The number of online platforms and services that organizations around the world offer has grown significantly, and ensuring the information security of these platforms is a task of paramount importance. Achieving this is challenging, mainly due to the shortage of skilled security professionals and the growing number of online services that companies offer. This article focuses on the benefits of using crowdsourced security programs, such as Vulnerability Disclosure Programs (VDP) and Bug Bounty programs, to complement the existing security assessments performed by organizations. These programs provide a way for organizations to better interact with the security community, gain valuable insight into their public security posture, and improve their brand image by providing a mechanism through which security researchers can notify the organizations of imminent security risks.
Journal: International Journal of Information Security and Cybercrime (IJISC)
- Issue Year: 11/2022
- Issue No: 1
- Page Range: 25-30
- Page Count: 6
- Language: English