Oh, the world of good ol’ bug-bounty programs. In recent months they’ve become a hot topic for IT teams looking to unearth vulnerabilities.
And it’s easy to see why. They’re flashy and promise the world. Your company gets notified when a vulnerability is detected. The bounty hunter gets paid for the finding. Everybody leaves happy. Well, not really. Find out why.