I feel like bug bounties are a subpar alternative to security consulting from perspective of participants who can consult.
-
-
Play a few rounds of this game and the equilibrium is the company is tired of triaging chaff and good researchers worldwide treated poorly.
-
Maybe that's what the market wants for manual identification of XSS bugs on surface areas of X0,000 pages? I don't know; seems suboptimal.
- 1 more reply
New conversation -
-
-
but I guess it becomes self-selecting in the longer term as you only get paid if you find something of value.
-
Some of these are quite funny https://en.wikipedia.org/wiki/Sneakernet#Usage_examples …
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.