@attritionorg Unless one claims, maybe as @wardspan is, that resources invested in bounty programs are better spent elsewhere. @scarybeasts
@attritionorg Yah, why do so people mistakenly assume that bug bounty programs somehow replace an SDL? Very odd. @wardspan @scarybeasts
@jeremiahg @attritionorg @wardspan @scarybeasts Meh, who needs bounties, SDLC or even QA when you have customers^^victims?
@attritionorg @jeremiahg @scarybeasts I agree with the idea that it is a supplement however IME I have seen too many rush to bounty w/o sdlc
@wardspan really? You are seeing bounty programs launched w/o a reasonable SDL? Man, they'd go broke! @attritionorg @scarybeasts
@jeremiahg @attritionorg @scarybeasts I did - they wanted to be like the cool kids (cough cough Google FB cough cough)