Comment by NicoJuicy
4 months ago
Our company has a bug bounty program:
- handled with priority, but sometimes it takes a couple of weeks for a more definite fix
- handled by the security department within the company (to forward to relevant POs and to follow up)
The unfortunate thing about bug bounties is that you will be hammered with crawlers that would sometimes even resemble a DDoS.
> The unfortunate thing about bug bounties is that you will be hammered with crawlers
You mean your product will be hammered by people testing to find holes, thus garnering the bounty? Or some other reason?
Yes. Crawlers, security scanners, ...
E.g. testing all vulnerable WP plugin paths on all domains, multiple times a minute.
We don't even have WordPress, FYI.