Bug Bounty Program, does it help?
What happens when a security researcher finds a hole in your code? Do you have a clear policy for submitting this kind of finding? Most do not. Responsible Disclosure is something every company should manage, and Bug Bounty Programs help to improve security as well as to stay in contact with the hacker community. During the talk we will see how a Responsible Disclosure Program or a Bug Bounty Program works, and how the company should keep its focus and not forget about other security mitigations and countermeasures. We will also dig a bit into how a good security report should be written.
Security Engineer based in Malmö, Sweden. More than 15 years of experience in multiple security fields, including SDLC, Incident Response, Ethical Hacking and Vulnerability Analysis. Formerly worked at EY, Nokia, Microsoft and Basware. Now RootedCON Co-Organizer and Information Security Leader at IKEA.