In this hunting edition of the Exploring Information Security podcast, Keith Hoodlet of Bugcrowd joins me to discuss bug bounty programs.
Keith (@andMYhacks), is a solutions architect at Bugcrowd. He's also the co-host of Application Security Weekly. While Keith works at Bugcrowd, he also has a lot of experience participating in bug bounty programs. Check out his website AttackDriven.io.
In this episode we discuss:
- What are bug bounty programs?
- Who are security researchers.
- Who is running the bug bounty program?
- When should an organization implement a program.
- Jason Haddix - Bug Bounty Hunting Methodology v2
- The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws by Dafydd Stuttard and Marcus Pinto