How many bug bounty programs does your organization run currently?

LeadershipArchitecture

021%

131%

233%

3-513%

5+1%

216 PARTICIPANTS
952 viewscircle icon1 Upvotecircle icon3 Comments
Sort by:
Director of Information Security in Energy and Utilities5 years ago

Kind of curious how come this question came up? Is each vendor being considered a different bug program vs. 1 program with multiple vendors participating in it? Logically speaking the answer should only be 1 or 0 in this particular question.

Lightbulb on2 circle icon2 Replies
no title5 years ago

Good point. I&#39;d imagine it is the former -- <mention id="603d4689570285000131b2b6" displayname="Breonna Burrell"></mention> can chime in here since she was at BugCrowd.

Lightbulb on1
no title5 years ago

<mention id="5e8620fbd36e1d153ea665d4" displayname="anatoly Chikanov"></mention> Yes closer to your first point - I noticed that most customers would run multiple program types with specialized focuses. For example, one of our enterprise car manufacturing customers would run different programs for different vehicle types as they each use their own specialized software/hardware. There are times, however, where a large customer will want to run one large, open scope program and separate bug issues on a Target level within the program itself. When I set up programs, my focus was really on the individual customer&#39;s preference and security strategy.

Content you might like

Are you seeing changes in the quality or speed of threat intelligence from sources you relied on in previous years? Can you share how you are being impacted so far by the uncertainty around public-private partnerships for cyber information sharing?

Read More Comments

What’s the number-1 factor you consider when deciding whether a new tool is worth purchasing?

Budget allocation12%

Potential process improvements69%

Onboarding & training bandwidth8%

Security & compliance8%

Reviewing prior purchase overlap1%

View Results

Data Analytics-as-a-Service (DAaaS) is a cloud-based delivery model for data analytics & AI.  What do you see as the most important enabler for you to adopt DAaaS for your business?

Ease of getting my data into the DAaaS platform9%

Tools that make it easy to create use cases with the DAaaS platform41%

A pre-existing library of dashboards and report templates to help me quickly get up-and-running32%

The ability to try out the DAaaS platform for free before buying10%

Services from the DAaaS vendor (consulting, support, training)3%

Confidence that my data is safe in the cloud2%

View Results

What is the best work travel advice you’ve ever been given?

Read More Comments

At what point do you consider networking to still be a core function of IT, and when does it make sense to hand it off to another team or external provider? What factors do you take into account when deciding whether networking should remain within the IT department or be managed by someone else?

Read More Comments