IDG Contributor Network: Facebook scandal or can bug bounties replace traditional web security?

Discussion in 'CSO' started by RSS, Dec 21, 2015.

  1. RSS

    A recent incident with the Facebook Bug Bounty program has led to many different reactions supporting both Facebook and the security researcher. Regardless of who is right in this whole story, one fact is clear: the researcher went far beyond what Facebook had initially expected, and got access to sensitive data that Facebook didn't really want to share with anybody, including the researchers' community.

    These days bug bounties are becoming very popular, raising more and more questions about their efficiency and effectiveness. We will try to understand how and if bug bounties can be used to test your corporate web applications. I intentionally omit bug bounties for stand-alone software (e.g. Chrome or various IoT applications) as it's a different topic.
