5 TIPS FOR A SUCCESSFUL BUG BOUNTY
casey@bugcrowd.com
jcran@bugcrowd.com
the problem
Without crowdsourcing, security is not a fair fight.
HACKED
@jcran
VP Delivery, Bugcrowd
bugcrowd at Work
Crowdsourced security to fit your needs
Responsible Disclosure
Flex Bounty
Capped cost
Free
Ad-hoc or continuous
Elite tier researchers
Bug Bounty
Continuous testing
Monthly fee + transaction fee
CONFIDENTIAL. DO NOT DISTRIBUTE.
All content (c) Bugcrowd Inc, 2014 - All rights reserved.
DOES IT WORK?
Traditional penetration test
Bugcrowd Flex
Cost
$20,000
$20,000
# of researchers
349
Manhours
80
80 in the first 8 elapsed hours
Vulnerabilities
38
P1 issues
7
People assume that 80% of the work will go into dealing with the new vulnerabilities they've found out about.
If you don't factor this into your planning, your program will fail.
Align expectations
Preparation
Align expectations
Questions?
Want a demo?
Ping us!!!