|
|
|
|
|
|
by krageon
6 days ago
|
|
|
I've run a bug bounty program for a relatively large corporation and you are exactly right. It's worse in open source, because none of the developers owe a researcher their time. At least in a bug bounty program you've communicated willingness both ways already |
|
|