By Jérôme DE LISLE, Manager Wavestone
What is a bug bounty and what is it used for?
Mere buzzwords a few years ago, bug bounty programmes and vulnerability disclosure initiatives have since permeated the cyber-related vocabularies of a wide range of organisations, whether it be digital giants, top investment banks, or government bodies. The basic principle is the following: companies provide a financial incentive or reward for well-intentioned hackers to find and report vulnerabilities discovered in their assets. The catch is that the company behind the initiative sets a fixed window of opportunity for hackers to discover and fix these vulnerabilities. Wavestone has studied the adoption of these initiatives within the banking...
|