As more organizations turn to bug bounty programs, versus penetration testing, to weed out vulnerabilities in their products we ask Christie Terrill, partner at Bishop Fox, what she sees as the pros and cons of either approach.

Threatpost’s Lindsey O’Donnell also asks Terrill what kind of companies are best suited for bug bounty programs versus conducting their own penetration testing? Terrill also addresses what these methods mean for vulnerability disclosures and the legal nuances and complexities behind bug bounty programs.

Categories: Podcasts

Leave A Comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>