IDC PlanScape: Launching a Bug Bounty Program
This IDC study explains how to create a bug bounty program that enables the program sponsor to gain from the collective experience of a large community of security professionals. The reality is that unsanctioned grey hat and black hat hackers exist and will probe your organization's security whether you like it or not. Their incentives might be financial gain, publicity, or pure curiosity. By creating a bug bounty program, you provide these individuals with the opportunity to channel their exploration into a sanctioned effort that provides you with a structured opportunity to review, remediate, and respond to vulnerability reports.
"Bug bounty programs incentivize security researchers to test your systems for weaknesses and then provide you with an opportunity to fix the problems and strengthen your defenses," says Mike Chapple, adjunct analyst with IDC's IT Executive Programs (IEP). "These programs allow you to benefit from the collective thinking of a large community of security professionals. You'll have more minds focused on your security posture than you could ever hire as employees or consultants."
Please Note: Extended description available upon request.