Cyber Security Event Series

The Benefits of Bug Bounties

6th June 2016admin

It goes without saying that vulnerabilities are costly – which is why some of the largest corporations in the world offer rewards to hackers who discover the weaknesses in their systems. A bug bounty rewards white hat hackers for discovering vulnerabilities in websites, applications and even whole systems. This gives IT teams the chance to solve the issues before they are exploited by individuals who wish to damage the business.

Benefits

Bug bounties are used by companies like Microsoft and Apple, in fact almost all major technology companies employ this tactic. Now businesses that are outside of the tech industry are switching on to their value and beginning to implement bounties as part of their cyber security measures. One of the biggest pluses for offering a bug bounty, even in those organisations with established and capable IT teams is that more eyes will be looking for vulnerabilities, meaning they are more likely to be picked up.

The cost of a bug bounty varies, with some firms known to offer in excess of $100,000. This is balanced by the knowledge that the costs of a vulnerability being exposed can be far greater. A hack is not just damaging to reputation, it also raises the unpalatable prospect of vital customer data being compromised, potentially leading to a whole host of other problems including identity fraud and theft. If a bug bounty can save a business from the huge costs involved with cleaning up post hack, then it is well worth pursuing.

Penetration testing is the only real alternative to a bug bounty programme. These can be costly to implement and there is no guarantee they will get results. Usually they are undertaken by a small team guaranteed to be paid even without a vulnerability being discovered. In comparison, bug bounties work because the financial incentive drives hackers to find existing issues.

Bugcrowd

Services like Bugcrowd (which was established in 2012) make it easy for any size of company to run a bug bounty program. The platform invites organisations to run a bug bounty system with rewards advertised to white hat hackers. Spreading the word to inform more hackers about the potential rewards available means that more hackers will be scouring websites, applications and systems for vulnerabilities. All of this greatly increases the chances of flaws being found and systems made more secure as a result.

Tags: bug bounties, cyber security, hacking, white hat

Related Articles

cyber insurance

Is It Worth Having Insurance For Data Breaches?

23rd May 2016admin
Block chain cyber security

How Are Blockchains Changing Cyber Security?

14th March 2016admin
cyber security passwords

How To Guide Employees On Passwords

8th April 2016admin

Recent Posts

  • AI Cyber Security: What You Need to Know
  • Is It Possible To Have A 100% Secure Organisation
  • The 5 Biggest Threats to Corporate IT Security
  • UK Government’s cyber defences are being harmed by lack of skills
  • Is it worth having insurance for data breaches?

Tags

2fa air gapped artificial intelligence bit coins blockchains bug bounties byod cloud storage cybercrime cyber insurance cyber law cyber security Cybersecurity cyber security events data analytics DDoS detection e-commerce encryption GDPR government hacking hardware incident response Internet of Things IoT machine learning managed security management mobile security open source passwords phishing quantum cryptography ransomware security breach security flaws small business social engineering threat based analytics Threat Detection Training wearable technology web access management white hat

Social: EMEA

Facebook
Twitter
LinkedIn

Social: USA

Facebook
Twitter
LinkedIn


Cyber Security Events - Imago Techmedia Ltd is registered in England and Wales under Company No. 04865455. Registered Office: Bedford House, 69-79 Fulham High Street, London, SW6 3JW, United Kingdom -- Business Address: Imago Techmedia, 2C Bedford House, Fulham Green, 69-79 Fulham High Street, London, SW6 3JW -- Imago Techmedia is a subsidiary of Clarion Events Limited

Privacy & Cookie Policy