Bug Bounty Radar // The latest bug bounty programs for September 2021
portswigger.net - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from portswigger.net Daily Mail and Mail on Sunday newspapers.
Loyalty management tech firm Antavo launches bug bounty program
Ethical hackers frequently report security flaws outside of VDPs – often to no avail
Up to a third of all security flaws reported to organizations with no vulnerability disclosure policy (VDP) are not being patched due to failings in the disclosure process, a new report suggests.
Polled by Belgium-based bug bounty platform Intigriti, 12% of security researchers who reported vulnerabilities through alternative channels believed their submission was not successful in reaching security teams, while 19% were unsure about the outcome.
The Ethical Hacker Insights Report 2021 reveals that 70% of ethical hackers have discovered a vulnerability in a system not covered by a VDP.
And since 12% of those said they didn’t escalate or follow up on their initial report, vendors without VDPs are potentially unaware of up to 44% of zero-day vulnerabilities detected by bug hunters.