From the course: Launch a Bug Bounty Program
Vulnerability rewards disbursement
- [Presenter] Rewarding researchers for their contribution is a crucial aspect of maintaining a successful bug bounty program. Let's discuss how to effectively offer rewards based on risk and impact of the identified vulnerabilities. You can qualify rewards based on severity rating. Assess a severity rating of each reported vulnerability. A commonly used scale ranges from critical to low. Higher-severity vulnerabilities, posing greater risk, typically warrant higher rewards. Impact analysis: consider the potential impact of each vulnerability on your systems or data. Vulnerabilities with a higher impact, even if they have a lower severity rating, may warrant increased reward. Last is business risk. Evaluate the overall risk of reported vulnerabilities to your business. This broader perspective helps in determining the appropriate level of compensation. Next, define rewards criteria for different tiers. First and foremost are critical vulnerabilities. Assign the highest reward to…