WHAT IS BUG BOUNTY?
Bug Bounty is a technical assessment that leverages the power of crowdsourcing. It gives an opportunity to every security researcher to assess an application within the testing scope.
If 100 security experts test an application, they will find very diverse vulnerabilities. Companies usually reward researchers after they found a bug.
MANAGED BUG BOUNTY
AXEN Cybersecurity designed a program that help companies to leverage the power of Bug Bounty programs without the need of an in-house security team.
Bug Bounty programs gave permission to testers to assess web and mobile applications in a non-intrusive way. It is usually permitted do decrease the availability of the system, the usage of automated tools, DOS attacks and privacy violations.
Bug Bounty programs should run continuously in order to keep the company’s security posture up-to-date. It is best used after a Vulnerability Assessment .
AXEN Cybersecurity’s Managed Bug Bounty program contains the following services:
- Design and scope of the program
- Contact with the researchers
- Triage incoming reports
- Support the technical team in fixing the vulnerability
- Verification of the vulnerability fix
The program is designed to be very cost and value effective. There is a one time payment, that covers the design and implementation of the program and further payment occurs only after bug findings.