A high-quality multi-factor authentication bypass submission can win a bounty hunter up to $100,000.
HackerOne’s 2018 Hacker-Powered Security Report showed that the average award for critical vulnerabilities has increased.
The newly-discovered Spectre variants can be exploited to uncover confidential data via microarchitectural side channels in CPUs.
More companies are looking to adopt “safe harbor” language in their bug bounty programs to build trust with participants.
Mickos sat down with Threatpost’s Lindsey O’Donnell to talk about bug bounty program opportunities, challenges, and ultimately how programs are evolving.
More companies – particularly social media firms – may follow Facebook’s footsteps in turning to bug bounty programs to scout out any data privacy abuse on their platforms, experts say.
A draft document lays out its criteria for addressing various flaws and notes the exceptions.
The U.S. Department of Defense is the latest government entity to double down on vulnerabilities, on Monday announcing a new bug bounty program.
Facebook announced that in the coming weeks it will expand its bug bounty program as the company cracks down on data misuse by app developers.
Netflix opens up bug bounty program to all white hat hackers and ups the ante for bugs to as much as $15,000.