by d4n 2303 days ago
Unfortunately, for many companies, bug bounty programs have been the best invention in silencing security research and CVEs. They promise the world, beat you down on severity / payouts, sometimes just claim duplicate or known issue with no way to verify, and then block public disclosure. Very frustrating.