In case you haven’t followed these: One of the great consequences of bug bounties is that they’ve opened the market for manual security testing to talent worldwide, including talent which is very early in their careers and is highly dependent on automated scanners.
-
-
Show this thread
-
If you publish a bug bounty, you are setting up an incentive structure which will result in you getting *a lot* of email from a worldwide talent pool which skews in that direction. You will find that to be a frustrating experience if you have a job in addition to security.
Show this thread
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.