Demystifying Program Management in Crowdsourced Security
Over the past year, we’ve seen a 21% increase in total vulnerabilities, 20% of which were classified as critical. With the industry’s shortage of cybersecurity practitioners and ineffective security architectures compounding the problem, crowdsourced security testing programs like bug bounties and vulnerability disclosure continue to gain adoption across industries and governments.
But running a bug bounty program on your own can be difficult. Imagine receiving hundreds of vulnerability submissions weekly, many of them unimportant, and many of them duplicates of known vulnerabilities. Organizations hardly have the time or resources to triage and validate incoming vulnerability findings from outside researchers.
Success in crowdsourced security relies on expert program management. Join Invision’s VP of Information Security, Johnathan Hunt, and Bugcrowd’s CSO, David Baker, for a discussion on the value of bug bounty program management:
– How program management brings ROI to your bug bounty program
– Requirements for bug bounty program management
– How Invision went from a competitive self-managed program to a Bugcrowd managed program