Extortion or fair trade? The value of bug bounties

Vendors without bug bounty programs risk the wrath of the infosec community, but such programs must be constructed carefully to yield optimal outcomes

A security researcher, sitting on what he claims are 30 flaws in various FireEye products, is demanding the security company pay researchers for vulnerability reports.

The confrontation highlights the challenges organizations face when working with the security research community. 

Copyright © 2015 IDG Communications, Inc.