C-Suite On Deck
Bug bounties: A good tool, but don’t make them the only tool in security
Bug bounties are hot. They are everywhere. Of course, popularity doesn’t guarantee quality. Just because everybody is doing it doesn’t necessarily mean it’s the best way to maintain the security of your organization. But the word from most experts is that bug bounties are a good thing, as long as they’re not the only thing—they’re not a cheap substitute for rigorous testing throughout the entire software development life cycle (SDLC).

Do bug bounty programs work?

Whether that’s happening or not is, at least at the moment, essentially drowned out by the sheer number of bug bounty programs in existence and the number of hackers hoping to cash in from them. According to one list from vpnMentor, there are 734 programs in operation this year, not just from the predictable giants like Google, Apple, Facebook, Microsoft, Alibaba and Amazon Web Services, but seemingly everybody else too, from Craigslist to Dropbox, GitHub to GoDaddy, Netflix to PayPal, the United Nations to United Airlines, WordPress to Walmart and Yahoo to Yelp.