all InfoSec news
How to deal with unsolicited vulnerability bounty requests?
Aug. 31, 2022, 6:37 a.m. | /u/shoorlyne
cybersecurity www.reddit.com
"We've uncovered some vulnerability in your ..., here is how to reproduce it. We hereby request a bounty from you for this work."
These are not spoofed messages. But such requests are not solicited: we never publicly asked anyone to do ethical hacking.
How would you deal with these? If the vulnerability is validated, how much would you pay for it, assuming the resources are very limited.
Thanks.
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Penetration Tester
@ Resillion | Bengaluru, India
Senior Backend Software Engineer (Java) - Privacy Engineering (Open to remote across ANZ)
@ Canva | Sydney, Australia
(Senior) Information Security Professional (w/m/d)
@ IONOS | Deutschland - Remote
Information Security (Incident Response) Intern
@ Eurofins | Katowice, Poland
Game Penetration Tester
@ Magic Media | Belgrade, Vojvodina, Serbia - Remote