Beyond the challenges around risk and uncertainty, can bug bounties really deliver on their promise? Even as crowdsourced security testing continues to gain acceptance, what’s important is designing the right model to increase efficiency and avoid diminishing marginal returns.
In an effort to get out in front of the data privacy scandal threatening to engulf the company, Facebook recently announced a new data abuse bounty program, which promises to pay people who report data abuses. But is this new data abuse bounty program going to result in any real changes to data privacy on Facebook?
For 24 days, 272 hackers pounded the Air Force's key public websites. The result? A cool 207 vulnerabilities were found, resulting in a $130,000 payday for the White Hats.
So how does the United States Air Force, with over 5,000 aircraft in its inventory, make sure that its online security is top notch? It’s simple – it invites people to hack its systems.
As the world becomes more complex, non-traditional approaches to ensuring data security and protection must be evaluated. In this article, Wei Chieh, the founder of SWARMNETICS, draws a parallel between how we treat open source software and the Asian organisational attitude toward White Hat hackers (or ‘independent security researchers’) as assets that might help to stem the tide of security breaches that Asian companies face today.