Methodology for Cybersecurity Bug Bounty Programs - [BugCrowd]

in #science6 years ago

The team at BugCrowd, a platform for bug bounty programs, has posted a series to help people interested in getting into the field. I would have to say, bug bounty is pretty lucrative when it comes to cybersecurity.

For example, if you find simple bugs in web applications you could be rewarded in the hundreds to thousands of dollars (depending on the type of vulnerability you found). You can even reach tens of thousands if you get RCEs (remote code execution).

The big $$$ are however when you find critical flaws and bugs in operating systems (someone said Microsoft?). If you're able to directly report the bug (to the OS providers), you could get hundreds of thousands and (yes) millions of dollars for kernel vulnerabilities).

Okay, but like anything else that pays big, it's actually quite complex and difficult to be good at this. It's not impossible, but it's difficult and it requires tremendous effort in code auditing, testing, pentesting, and all the related assessments.

Plus, if you're talking about system vulnerabilities you might need to be literate in more than one domains of security (including programming). No matter how hard it is or it may get, to me this is extremely attractive and engaging.

And what's even better is that today we have platforms like BugCrowd for bug bounties that create a legal and safe bridge for security researchers and pentesters to do their work. The video below is an example methodology that Jason Haddix suggests.

To stay in touch with me, follow @cristi

Cristi Vlad Self-Experimenter and Author

#penetration-testing #busy #cybersecurity
6 years ago in #science by
$3.06
  • Past Payouts $3.06, 0.00 TRX
  • - Author $2.76, 0.00 TRX
  • - Curators $0.30, 0.00 TRX
37 votes
Reply 5
Sort:  
  • Trending
    • [-]
     6 years ago 

    Cyber security has to be improved so has to reduce the risk of hackers and crackers

    $0.00
      Reply
      [-]
       6 years ago 

      Good post, Cristi. Most people really don't understand how important these bug bounty programs are.

      $0.00
        Reply
        [-]
         6 years ago 

        Congratulations @cristi! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

        Award for the number of posts published

        Click on the badge to view your Board of Honor.
        If you no longer want to receive notifications, reply to this comment with the word STOP

        To support your work, I also upvoted your post!

        Do not miss the last post from @steemitboard!

        Participate in the SteemitBoard World Cup Contest!
        Collect World Cup badges and win free SBD
        Support the Gold Sponsors of the contest: @good-karma and @lukestokes

        Do you like SteemitBoard's project? Then Vote for its witness and get one more award!

        $0.00
          Reply
          [-]
           29 days ago 

          Hi! Maintaining relationships while incarcerated can improve inmates' mental health and reduce recidivism rates. By providing a safe and secure platform for communication, Securus Technologies fosters positive relationships between inmates and their support network. Everyone can read about how to use their services in their help system, and if difficulties arise while using the services, then you can call the securus technologies number and they will provide clear instructions on how to fix it.

          $0.00
            Reply

            Coin Marketplace

            STEEM 0.28
            TRX 0.12
            JST 0.033
            BTC 71181.66
            ETH 3647.17
            USDT 1.00
            SBD 3.75