{"id":347,"date":"2023-04-03T09:00:07","date_gmt":"2023-04-03T14:00:07","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/brandonburke\/?p=347"},"modified":"2024-02-02T18:50:21","modified_gmt":"2024-02-02T23:50:21","slug":"journal-12-bug-bounties","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/brandonburke\/2023\/04\/03\/journal-12-bug-bounties\/","title":{"rendered":"Journal 12 \u2013 Bug Bounties"},"content":{"rendered":"\n

Bug bounties are run by businesses to find flaws and vulnerabilities in their applications and systems. Hired professionals and regular people can participate in a bug bounty program to find bugs and earn money from the found vulnerabilities.<\/em><\/p>\n\n\n\n

Bug Bounties Program and Policies<\/h2>\n\n\n\n

A bug bounty is a program run by different businesses to find flaws and vulnerabilities affecting the product and end user. Bugs vary in levels of severity. For example, a bug may be classified as critical, meaning there is a high risk associated with the bug. A critical bug can affect the confidentiality, integrity, and availability of the product and end users using the product. A lower class vulnerability may be classified as minor, meaning there is low risk associated with the bug. For example, a low risk bug could be a visual error in the content display of an application. Bug bounties are less expensive to run than having multiple lawsuits filed and a data breach. Therefore, companies should invest in bug bounty programs to prevent monetary loss and to have outside people look for vulnerabilities in a system that the internal team has missed.<\/p>\n\n\n\n

References<\/h2>\n\n\n\n

Sridhar, K., & Ng, M. (2021, March 12).\u00a0Hacking for Good: Leveraging HackerOne Data to Develop an Economic Model of Bug Bounties<\/em>. OUP Academic. Retrieved April 4, 2023, from https:\/\/academic.oup.com\/cybersecurity\/article\/7\/1\/tyab007\/6168453<\/p>\n\"Facebook\"<\/a>\"twitter\"<\/a>\"linkedin\"<\/a>\"instagram\"<\/a>\"flickr\"<\/a>\"foursquare\"<\/a>\"mail\"<\/a>","protected":false},"excerpt":{"rendered":"

Bug bounties are run by businesses to find flaws and vulnerabilities in their applications and systems. Hired professionals and regular people can participate in a bug bounty program to find bugs and earn money from the found vulnerabilities. Bug Bounties… Continue Reading →<\/a><\/p>\n","protected":false},"author":24541,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[4],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/brandonburke\/wp-json\/wp\/v2\/posts\/347"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/brandonburke\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/brandonburke\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/brandonburke\/wp-json\/wp\/v2\/users\/24541"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/brandonburke\/wp-json\/wp\/v2\/comments?post=347"}],"version-history":[{"count":1,"href":"https:\/\/sites.wp.odu.edu\/brandonburke\/wp-json\/wp\/v2\/posts\/347\/revisions"}],"predecessor-version":[{"id":348,"href":"https:\/\/sites.wp.odu.edu\/brandonburke\/wp-json\/wp\/v2\/posts\/347\/revisions\/348"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/brandonburke\/wp-json\/wp\/v2\/media?parent=347"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/brandonburke\/wp-json\/wp\/v2\/categories?post=347"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/brandonburke\/wp-json\/wp\/v2\/tags?post=347"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}