Bug Bounty Playbook


Handling external submissions of security vulnerabilities either directly or via bug bounty programmes is not a trivial task and should not be left to chance.

It is critical to follow very specific workflows that address the original issue, and that discover and fix (if necessary) any possible variations.

It is also very important to have very focused and technically correct exchanges with the external individual(s) who submitted the security vulnerability.

This Working Session will create a bug bounty playbook.


  • Create Bug bounty playbook


  • Bug bounty playbook


The target audience for this Working Session is:

  • Security teams
  • Bug bounty companies
  • Bug bounty hunters

Working materials

  • Bug bounty playbook

(please add as much information as possible before the sessions)

Back to list of all Working Sessions and Tracks

Edit this page here