S3 Ep19.5: How NOT to be a bug bounty hunter



In this special mini-episode, Paul Ducklin talks to Sophos cybersecurity expert Chester Wisniewski about bug bounty hunting.

How does bug bounty hunting work? What should you do if you get a bug report that doesn't follow established protocol? Chester tells you how to deal with so-called "beg bounties", where self-styled "experts" beg you for money or even threaten you with ill-defined "problems" they claim to have found.



Original music by Edith Mudge

Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Instagram @NakedSecurity