From the course: IoT Product Security
Vulnerability Disclosure Program: Part 3
Hi, I'm Matthew Clark. And this is Lesson 6.6: Vulnerability Disclosure Programs, Part 3. In this lesson, we'll continue our conversations about bug bounty programs and talk about the pros and cons. We'll also discuss more about safe harbor and responsible disclosure programs. And finally, we'll discuss what it takes to build a vulnerability disclosure program. So we've been talking about bug bounty programs, which involve crowdsourcing. So let's kind of enumerate some of the pros and cons. One of the pros is that it is proactive. People are potentially looking for problems all the time. It's also cost-effective because you're only paying for actual issues, not the potential ones. You're not paying for how long it took someone to find a problem and you're not paying for them to learn on the job either. Another pro is that organizations get to limit impact because bug bounty programs have been accused of buying silence. In fact, I'm left to a reference to an article called "Bug…
Contents
- Manufacturing and provisioning (9m 30s)
- Vulnerability management and patching: Part 1 (9m 41s)
- Vulnerability management and patching: Part 2 (11m 51s)
- Vulnerability Disclosure Program: Part 1 (7m 26s)
- Vulnerability Disclosure Program: Part 2 (7m 49s)
- Vulnerability Disclosure Program: Part 3 (8m 26s)
- Device ownership (8m 3s)
- IOTSF Secure Design Best Practice Guides (7m 4s)