Bashing Bothersome Bugs & Chasing Chunks of Cash

Chris and Josey discuss bug bounty programs, actions to take if randomly stumbling upon a security vulnerability, reporting pros/cons, and a lot more. Is the answer really black and white, or is it all grey?

TOPICS

• What is a bug bounty program
• When and how should you report discovered potential attack vectors or security vulnerabilities
• Mental and moral exercises discussing the potential pros/cons of reporting or not
• Is the answer to handling a report really a black and white issue? Or is it more grey?
• ...and so much more!

MUSIC FROM THE CCMIXTER COMMUNITY
Snazzy Intro: On Top of the World by texasradiofish (c) copyright 2015 Licensed under a Creative Commons Attribution Noncommercial (3.0) license. http://dig.ccmixter.org/files/texasradiofish/50478 Ft: John Fletcher, Patricia Edwards, ElRon XChile, Speck, alexplaysguitar
Live Show Starting Soon: cdk - Sunday by Analog By Nature (c) copyright 2016 Licensed under a Creative Commons Attribution (3.0) license. http://dig.ccmixter.org/files/cdk/53755
Live Show Outro: ＭＩＬＬＥＮＮＩＡＬＳ by Analog By Nature (c) copyright 2018 Licensed under a Creative Commons Attribution (3.0) license. http://dig.ccmixter.org/files/cdk/57150

• We found 6 critical PayPal vulnerabilities - and PayPal punished us for it | CyberNews