Bug Bounty Playbook
Handling external submissions of security vulnerabilities via Bug Bounty Programs (or directly) is not a trivial task and should not be left to chance.
It is critical that very specific workflows are followed so that not only the original issue is addressed, but any possible variations are discovered and (if required) fixed.
Also very important is to have very focused and technically correct exchanges with the external individual(s) who submitted the security vulnerability.
- Create Bug Bounty Playbook
- Security Teams
- Bug Bounty companies
- Bug Bounters
Back to list of all Working Sessions and Tracks
Edit this page here