[Info-vax] Microsoft launches a new Windows bug bounty program

Stephen Hoffman seaohveh at hoffmanlabs.invalid
Fri Jul 28 12:49:11 EDT 2017


On 2017-07-28 16:17:49 +0000, John Reagan said:

> Bug rewards often don't work.  Go ask Apple how theirs worked out.
> They offered a measly $200K (or something) for an iOS exploit.  They got
> zero responses.  They are worth over $1 million on the dark web.

Those bounties set the price floor on the value of bugs.

The bounties also reward the efforts of the folks that find and then 
report those vulnerabilities to the vendor.

Rather than selling those same vulnerabilities via some DNM.   Or just 
sitting on the findings, if the legitimate folks do decide to 
investigate.

Some related reading material on the topic of bug bounty programs:  
https://medium.com/@collingreene/bug-bounty-5-years-in-c95cda604365#.983irqp9r 






-- 
Pure Personal Opinion | HoffmanLabs LLC 



