|
|
|
|
|
|
by pdpi
773 days ago
|
|
|
Bug bounties are a social solution to a social problem. In many ways, the actual money is less important than being seen to earnestly engage with the programme. Being hard-nosed about refusing to pay a bounty on a privilege escalation bug is a rookie mistake. It engenders ill will and cements your relationship with security researchers as adversarial rather than cooperative. |
|
|