The ideal configuration of a bounty program includes many aspects such as scoping the program, response time and determining the right range of bounty payouts. This presentation will explore the key considerations for security teams when thinking about launching a bug bounty program, the common pitfalls to avoid and the tools they already have to direct the program to derive value.
Learning Objectives: 1: Planning for bug bounty: Top 20 things to consider before launching a program. 2: Ideal configuration: Learn insights from data about what works and what doesn’t. 3: ROI: Learn if a bug bounty program is better than internal/external options.