In this course, Play by Play: Bug Bounties for Companies, Troy Hunt and Casey Ellis discuss bug bounties from the perspective of organizations interested in running their first bug bounty program. Learn the purpose bug bounties serve, how bug bounties are run, and how to position a bug bounty program to leadership in order to get buy-in for the program. By the end of this course, you'll be able to speak to the benefits of a bug bounty program and ascertain if your organization is ready to undertake a bug bounty of its own.
Learning Objectives
- Value Proposition of Bug Bounties
- Common Concerns Surrounding Bug Bounties
- Selling Bug Bounties to Executives and Legal
- Scoping a Bug Bounty Program
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Cybersecurity Management
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.