
Bug bounty programs

An introduction to the concept of bug bounty programs.


  1. BUG BOUNTY PROGRAMS By: Yassine ABOUKIR
  2. INTRODUCTION
  3. BUG BOUNTY PROGRAM A bug bounty program is a crowdsourcing initiative that rewards individuals for discovering and responsibly reporting software security vulnerabilities. Bug bounty programs are often initiated to supplement internal code audits and penetration tests as part of an organization's vulnerability management strategy. Source: TechTarget
  4. HISTORY
  5. WHAT’S IN IT FOR ORGANIZATIONS?
     • Army of friendly hackers.
     • Cost-effective solution.
     • Eliminate the risk of zero-day vulnerabilities.
     • Ongoing security testing.
  6. KEY STATISTICS
     • Facebook's pioneering bug bounty program has uncovered over 900 bugs and paid out over 5 million US dollars.
     • Google has paid out more than $9 million since the launch of its bug bounty program in 2010, including over $3 million in 2016.
     • Mozilla has paid out over $1.6 million across all of our bounties.
     • Yahoo has paid out more than $2 million for vulnerabilities since the launch of its bug bounty program in 2013.
     • Over 100,000 hackers strong in the HackerOne community. Over $20 million paid in bounties.
  7. RUNNING A BUG BOUNTY PROGRAM
     • Self-Hosted Bug Bounty Program
     • Using a Bug Bounty Management Provider
  8. BUG BOUNTY PROGRAM POLICY
