all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The Benefits of Vulnerability Discovery and Bug Bounty Programs: Case Studies of Chromium and Firefox. (arXiv:2301.12092v2 [cs.CR] UPDATED)

Add to bookmarks
Feb. 27, 2023, 2:10 a.m. | Soodeh Atefi, Amutheezan Sivagnanam, Afiya Ayman, Jens Grossklags, Aron Laszka

cs.CR updates on arXiv.org arxiv.org

Recently, bug-bounty programs have gained popularity and become a significant
part of the security culture of many organizations. Bug-bounty programs enable
organizations to enhance their security posture by harnessing the diverse
expertise of crowds of external security experts (i.e., bug hunters).
Nonetheless, quantifying the benefits of bug-bounty programs remains elusive,
which presents a significant challenge for managing them. Previous studies
focused on measuring their benefits in terms of the number of vulnerabilities
reported or based on the properties of the …

benefits bounty bug bug bounty bug bounty programs case case studies challenge chromium culture discovery enable experts external firefox hunters organizations posture security security culture security experts security posture studies vulnerability vulnerability discovery

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Calibration Attacks: A Comprehensive Study of Adversarial Attacks on Model Confidence 19 hours ago | arxiv.org
adversarial adversarial attacks aim arxiv +11
Hot PATE: Private Aggregation of Distributions for Diverse Task 19 hours ago | arxiv.org
aggregation arxiv cs.ai cs.cr +18
A Stacked Ensemble Learning IDS Model for Software-Defined VANET 19 hours ago | arxiv.org
arxiv autonomous autonomous vehicles can +23
Your Code Secret Belongs to Me: Neural Code Completion Tools Can Memorize Hard-Coded Credentials 19 hours ago | arxiv.org
arxiv can code code completion +6
Flamingo: Multi-Round Single-Server Secure Aggregation with Applications to Private Federated Learning 19 hours ago | arxiv.org
aggregation applications arxiv beyond +14
PECAN: A Deterministic Certified Defense Against Backdoor Attacks 19 hours ago | arxiv.org
arxiv attackers attacks backdoor +18
Hyperloop: A Cybersecurity Perspective 19 hours ago | arxiv.org
arxiv critical critical infrastructure cs.cr +17
Blockchain based Secure Energy Marketplace Scheme to Motivate Peer to Peer Microgrids 19 hours ago | arxiv.org
arxiv barriers blockchain cost +16
Insecurity of Quantum Two-Party Computation with Applications to Cheat-Sensitive Protocols and Oblivious Transfer Reductions 19 hours ago | arxiv.org
access applications arxiv case +15

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Incident Response Lead(IR)

@ Blue Yonder | Hyderabad
View on infosec-jobs.com

Comcast Cybersecurity: Privacy Operations Executive Director

@ Comcast | PA - Philadelphia, 1701 John F Kennedy Blvd
View on infosec-jobs.com