|
|
|
|
|
|
by Thorrez
165 days ago
|
|
|
What if multiple people discover the same vulnerability. What do you do? Do you pay out to all of them? Do you make them sign an NDA without guaranteeing you'll pay them? Do you tell the 2nd etc discoverers to go away and hope they don't reveal it? If you pay out to all of them, there's a strong incentive to leak info and collect multiple bounties for the same vulnerability. |
|
|