Bug Bounties vs. Penetration Testing: Misconception #2
Misconception: With a bug bounty, you cannot receive the coverage or same caliber of testing methodologies as penetration tests.
Topic: Company Resources
Bug Bounties vs. Penetration Testing: Misconception #1
Misconception: Bug bounty hunters are not as skilled as penetration testers. Even if they were, how can I trust them and control them?
[Webinar Recap] 3 Reasons to Swap Your Next Penetration Test for a Bug Bounty
Last Friday we took part in an SC Magazine webinar that examines the differences between penetration testing and bug bounties. Jason Haddix, former HP Fortify Pen Test Lead and now Head of Trust and Security at Bugcrowd, spoke with Wade Billings, VP of Technology Services at Instructure, the company behind learning management system Canvas.
Illustrated Guide to Bug Bounties Step #3: Learnings
The bug bounty lifecycle is a very fluid process, from strategic planning and program launch to learning from and iterating your program. Get the illustrated guide below:
A Look Inside: Bug Bounties vs. Penetration Testing
Can bug bounty programs replace penetration tests?
This question has come up a lot in the past several months and today we released a guide that begins to answer it.
Illustrated Guide to Bug Bounties Step #2: Launching
The bug bounty lifecycle is a very fluid process, from strategic planning to program launch to learning from and iterating your program. Get the illustrated guide below:
Illustrated Guide to Bug Bounties Step #1: Planning
The bug bounty lifecycle is a very fluid process, from strategic planning to program launch to learning from and iterating your program. Get the illustrated guide below:
How Does a Bug Bounty Fit into my SDLC?
“How does a bug bounty fit into my SDLC?” This is a question we hear all the time. While the obvious answer is that it can augment or replace much of your current manual and automated testing, the actual answer is simpler; “bug bounties fit into and support your SDLC each step of the way.”
Webinar Recap: How Three Security Vendors Approach Security
This week I spoke with three security gurus – Dave Farrow, Senior Director Information Security, Barracuda, Alvaro Hoyos, Chief Information Security Officer at OneLogin, and Gene Meltser, Security Architect, Sophos – about their current application security challenges and how they overcome them.
The Illustrated Guide to Planning, Launching and Iterating Your Bug Bounty Program
To run a successful and mutually beneficial bug bounty program, the work starts long before you launch your program and is a continuous learning experience.
