The Tor Project announced last week that it plans on launching a bug bounty program this year to encourage security researchers and hackers to responsibly report issues they find in the software.
Tag Archives: HackerOne
Model Assesses Readiness to Accept Outside Vulnerability Reports
HackerOne released a free model that assesses an organization’s readiness to accept outside vulnerability reports.
Bug Bounties in Crosshairs of Proposed US Wassenaar Rules
Bug bounties and rewards programs provide researchers with a measure of income, and if the proposed Wassenaar rules are implemented in the U.S., those initiatives could be adversely impacted.
Adobe Starts Vulnerability Disclosure Program on HackerOne
Adobe launched its first vulnerability disclosure program this week. It will use the HackerOne platform and will not pay out bounties; instead, researchers can bulk up their HackerOne reputation scores. Only vulnerabilities in Adobe web applications or web-based services are in scope.
Katie Moussouris on Starting a Bug Bounty Program
In this video from last week’s Security Analyst Summit, HackerOne’s Katie Moussouris explains the main thing companies that want to start a bounty program or vulnerability incentive program need to know: There is no one size fits all.
Don’t Build a Bounty Program; Build an Incentive Program
At the Security Analyst Summit, Katie Moussouris encouraged enterprises to build bug bounty programs that feed a software development lifecycle.