![](https://ccweb.imgix.net/https%3A%2F%2Fwww.classcentral.com%2Fimages%2Ficon-black-friday.png?auto=format&ixlib=php-4.1.0&s=fe56b83c82babb2f8fce47a2aed2f85d)
Overview
![](https://ccweb.imgix.net/https%3A%2F%2Fwww.classcentral.com%2Fimages%2Ficon-black-friday.png?auto=format&ixlib=php-4.1.0&s=fe56b83c82babb2f8fce47a2aed2f85d)
This course focuses on bug bounty programs and crowd-sourcing security, using the Mozilla bug bounty program as a case study. The learning outcomes include understanding the creation and successes of bug bounty programs, the differences between bug bounty programs and the black market, and the benefits and challenges of implementing a bug bounty program. The course teaches skills such as identifying program values, encouraging attackers, and understanding the cost breakdown of bug submissions. The teaching method is a talk covering the history, types, and processes of bug bounty programs. The intended audience for this course includes security professionals, organizations looking to enhance their security measures, and individuals interested in learning about bug bounty programs.
Syllabus
Introduction
Why am I here
Mozilla Bug Bounty Program
History of Bug Bounty Programs
Types of Bug Bounty Programs
Black Market Client Programs
Program Values
Vendor vs Black Market
Negative impact on reputation
Benefits
Concerns
Encouraging attackers
Attackers
Security Team
Black Market
Black Box
Bugmatic Committee
Web Body Process
Results
Firefox
Web Valve
Duplicate vs New Bugs
Cost Breakdown
Who Submits
What Next
Bug Bounty Program
What you need to do before you start
Taught by
nullcon