|
|
|
|
|
|
by jcims
1402 days ago
|
|
|
Excellent breakdown! The reason I was thinking of safe harbor is that most bug bounties tend to explicitly grant permission to folks participating in the program. It’s usually walled off by some scoping criteria but it’s part of the deal. The thing that seems a little iffy for me with crowdstrike is that it’s an agent that calls back to services. It seems plausible that I could unintentionally break something in their environment while testing their software. I like how you wrapped it up though and totally agree. |
|
|