Bug Bounty Programs – your company’s friend or foe?
By Cameron Abbott, Keely O’Dowd and Samantha Tyrrell
Bug Bounty Programs (BBPs) actively encourage hackers to explore a company’s systems and report back on any vulnerability they discover. Often, pre-determined financial incentives are offered to the “security researcher” in return for their findings. The attraction of this process is obvious; rather than suffering a cyber incident that could – and for many organisations has – cost millions of dollars and resulted in reputational damage, companies can instead make a comparatively small payment to ethical “white hat” hackers with the intention of pre-empting an incident.