Overview
This course explores the evolution of bug bounty programs, reflecting on lessons learned since 2010. It discusses the myths surrounding bug bounty programs and explores alternative solutions for hackers. The course covers topics such as the history of bug bounties, vulnerability coordination, organizational commitment, labor laws, big payouts, metrics, vulnerability handling, cybersecurity apprenticeships, and concludes with insights on the future of bug bounty programs. The intended audience for this course includes cybersecurity professionals, bug bounty hunters, security researchers, and individuals interested in the intersection of hacking and cybersecurity.
Syllabus
Intro
The Parable of the Long Spoon
History of Bug Bounty
Vulnerability Coordination maturity model
Organizational commitment
Labor laws
Big payouts
What's next
Metrics
Vulnerability Handling
Cybersecurity Apprenticeships
Conclusion
Taught by
Black Hat