Bug Bounties Aren’t Silver Bullet for Better Security
Many organizations may find they are better off hiring pen testers and in-house security researchers directly than running bug bounty programs, according to new MIT research. From a report: The New Solutions for Cybersecurity paper features a surprising analysis of bug bounty programs in the chapter, Fixing a Hole: The Labor Market for Bugs. It studied 61 HackerOne bounty programs over 23 months (including those run for Twitter, Coinbase, Square and other big names) and one Facebook program over 45 months. It claimed that, contrary to industry hype, organizations running these programs don't benefit from a large pool of white hats probing their products. Instead, an elite few produce the biggest volume and highest quality of bug reports across multiple products, earning the biggest slice of available rewards. It's also claimed that even these elite "top 1%" ethical hackers can't make a decent wage by Western standards.