
How to run a kick ass bug bounty program - Node Summit 2013


Bug bounty programs are all about getting good guys who think like bad guys to help you protect your business from application security flaws. In this workshop Casey Ellis and Chris Raethke from Bugcrowd, The Bug Bounty Company, will go through some of the tricks and tips of setting up and running a successful bug bounty program.


  1. How to run a kick-ass bug bounty program. Casey Ellis – CEO, Chris Raethke – CTO, Bugcrowd Inc
  2. AGILE SCRUM PAIRING TDD CI BEST PRACTICE...
  3. all apps have security bugs ...REALITY
  4. Current Approach
  5. Bad Guys Good Guys ...help! ARRRGGGH!
  6. A Better Approach
  7. Bad Guys Moar’ Good Guys ...arrrrrgh?
  8. What is a bug bounty program?
  9. Bug bounties are awesome…
  10. …but hard.
  11. The mistake *everyone* makes DATA PEOPLE
  12. The Golden Rules
  13. Respect the researcher
  14. If you touch code, pay it.
  15. Manage expectations
  16. Normalize inputs
  17. Pay quickly
  18. Fix problems quickly
  19. Be open about duplicates
  20. Questions? Casey Ellis – CEO, Chris Raethke – CTO, Bugcrowd Inc
