Stay updated with breaking news from Hackerone co. Get real-time updates on events, politics, business, and more. Visit us for reliable news and exclusive interviews.
Code Security Startup Pixee Emerges From Stealth to Automate Code Hardening and Vulnerability Remediation for Developer Teams tmcnet.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from tmcnet.com Daily Mail and Mail on Sunday newspapers.
What to do when a bug bounty request sounds more like extortion HackerOne billboard on display in downtown San Francisco, showing hacker @randomdeduction, known in the physical world as Jesse Kinser. (Photo courtesy of HackerOne). Not all vulnerability hunters play by the rules. There are some who are more concerned about scoring a big payday than ensuring a bug is responsibly disclosed and fixed before malicious actors can take advantage. But there are tactics that tech developers and manufacturers can employ to help steer negotiations in their favor. In a ransomware panel session at last weekâs Incident Response Forum, experts weighed in on what to do when unscrupulous, independent gray hat researchers contact a company after identifying a vulnerability and demand a large bug bounty, threatening to otherwise publish their findings or sell it. SC Media then followed up by reaching out to additional bug bounty experts to get their own take on how to respond to such a situation.