all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

How to deal with unsolicited vulnerability bounty requests?

Add to bookmarks
Aug. 31, 2022, 6:37 a.m. | /u/shoorlyne

cybersecurity www.reddit.com

From time to time, a message pops up in my inbox:

"We've uncovered some vulnerability in your ..., here is how to reproduce it. We hereby request a bounty from you for this work."

These are not spoofed messages. But such requests are not solicited: we never publicly asked anyone to do ethical hacking.

How would you deal with these? If the vulnerability is validated, how much would you pay for it, assuming the resources are very limited.

Thanks.

bounty cybersecurity deal requests vulnerability

Visit resource

More from www.reddit.com / cybersecurity

What are your go-to cybersecurity frameworks and why? 5 hours ago | www.reddit.com
can context cybersecurity cybersecurity frameworks +14
Password security 10 hours ago | www.reddit.com
characters cybersecurity information nothing +7
No, LLM Agents can not Autonomously Exploit One-day Vulnerabilities. 10 hours ago | www.reddit.com
agents can cybersecurity exploit +2
Microsoft: APT28 hackers exploit Windows flaw reported by NSA 14 hours ago | www.reddit.com
apt28 cybersecurity exploit flaw +5
Vulnerability Summary for the Week of April 15, 2024 | CISA 14 hours ago | www.reddit.com
april cisa cybersecurity vulnerability +1
The reality vs expectation in Cybersecurity! 14 hours ago | www.reddit.com
cybersecurity doing hard job +3
SOC monitoring - Technical Guidance 14 hours ago | www.reddit.com
agents best practices building cybersecurity +17
Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware 16 hours ago | www.reddit.com
alto and response cybersecurity definition +13
GitHub comments abused to push malware via Microsoft repo URLs 18 hours ago | www.reddit.com
comments cybersecurity github malware +3

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Penetration Tester

@ Resillion | Bengaluru, India
View on infosec-jobs.com

Senior Backend Software Engineer (Java) - Privacy Engineering (Open to remote across ANZ)

@ Canva | Sydney, Australia
View on infosec-jobs.com

(Senior) Information Security Professional (w/m/d)

@ IONOS | Deutschland - Remote
View on infosec-jobs.com

Information Security (Incident Response) Intern

@ Eurofins | Katowice, Poland
View on infosec-jobs.com

Game Penetration Tester

@ Magic Media | Belgrade, Vojvodina, Serbia - Remote
View on infosec-jobs.com
View more jobs