all InfoSec news
The Benefits of Vulnerability Discovery and Bug Bounty Programs: Case Studies of Chromium and Firefox. (arXiv:2301.12092v2 [cs.CR] UPDATED)
cs.CR updates on arXiv.org arxiv.org
Recently, bug-bounty programs have gained popularity and become a significant
part of the security culture of many organizations. Bug-bounty programs enable
organizations to enhance their security posture by harnessing the diverse
expertise of crowds of external security experts (i.e., bug hunters).
Nonetheless, quantifying the benefits of bug-bounty programs remains elusive,
which presents a significant challenge for managing them. Previous studies
focused on measuring their benefits in terms of the number of vulnerabilities
reported or based on the properties of the …
benefits bounty bug bug bounty bug bounty programs case case studies challenge chromium culture discovery enable experts external firefox hunters organizations posture security security culture security experts security posture studies vulnerability vulnerability discovery