Bug Bounty Playbook


Handling external submissions of security vulnerabilities via Bug Bounty Programs (or directly) is not a trivial task and should not be left to chance.

It is critical that very specific workflows are followed so that not only the original issue is addressed, but any possible variations are discovered and (if required) fixed.

Also very important is to have very focused and technically correct exchanges with the external individual(s) who submitted the security vulnerability.


  • Create Bug Bounty Playbook


  • Security Teams
  • Bug Bounty companies
  • Bug Bounters

Back to list of all Working Sessions and Tracks

Edit this page here