{"id":314,"date":"2025-04-29T19:43:18","date_gmt":"2025-04-29T19:43:18","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/dchoi201s\/?p=314"},"modified":"2025-04-29T19:43:18","modified_gmt":"2025-04-29T19:43:18","slug":"journal-entry-13","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/dchoi201s\/2025\/04\/29\/journal-entry-13\/","title":{"rendered":"Journal Entry #13"},"content":{"rendered":"\n<p>A later module addresses cybersecurity policy through a social science framework. At this point, attention can be drawn to one type of policy, known as bug bounty policies. These policies pay individuals for identifying vulnerabilities in a company\u2019s cyber infrastructure.\u00a0 To identify the vulnerabilities, ethical hackers are invited to try explore the cyber infrastructure using their penetration testing skills.\u00a0 The policies relate to economics in that they are based on cost\/benefits principles.\u00a0 Read this article\u00a0<a href=\"https:\/\/academic.oup.com\/cybersecurity\/article\/7\/1\/tyab007\/6168453?login=true\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/academic.oup.com\/cybersecurity\/article\/7\/1\/tyab007\/6168453?login=trueLinks to an external site.<\/a>\u00a0 and write a summary reaction to the use of the policies in your journal.\u00a0 Focus primarily on the literature review and the discussion of the findings.<\/p>\n\n\n\n<p>The bug bounty policies are an interesting way for companies to utilize freelance hackers to identify vulnerabilities within their systems. Of course, there are negatives and a fear of backlash, but the literature suggest that the benefits of these programs outweigh the negatives. Firstly, they give companies\u2014both big and small\u2014the opportunity to thoroughly review their systems. For larger companies, these types of vulnerabilities are often overlooked, and for smaller companies, they may not have been able to afford to have hackers scrutinize their systems. The literature proceeds to compile a database that leverages HackerOne data from August 2014 to January 2020, with observations from different programs receiving over 50,000 reports. These reports came from companies of all sizes and serve as a good gauge of the current state of the bug bounty market. The findings suggest that hacker compensation is inelastic. What this means is that it appears the hackers participating in these programs weren\u2019t overly concerned about the bounty itself and were more focused on gaining experience and increasing their notoriety. More notoriety equals a stronger reputation, which ultimately leads to more opportunities for career growth. It seems the hackers were more focused on their personal growth than on the bounties. Additionally, older programs tend to have fewer reports, which makes sense, and certain fields, such as medical, have fewer reports than others. In conclusion the bug bounties program is effective at producing a economy for cybersecurity specialists as this is a program that ultimately benefits both parties involved.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A later module addresses cybersecurity policy through a social science framework. At this point, attention can be drawn to one type of policy, known as bug bounty policies. These policies pay individuals for identifying vulnerabilities in a company\u2019s cyber infrastructure.\u00a0 To identify the vulnerabilities, ethical hackers are invited to try explore the cyber infrastructure using&#8230; <\/p>\n<div class=\"link-more\"><a href=\"https:\/\/sites.wp.odu.edu\/dchoi201s\/2025\/04\/29\/journal-entry-13\/\">Read More<\/a><\/div>\n","protected":false},"author":30524,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/dchoi201s\/wp-json\/wp\/v2\/posts\/314"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/dchoi201s\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/dchoi201s\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/dchoi201s\/wp-json\/wp\/v2\/users\/30524"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/dchoi201s\/wp-json\/wp\/v2\/comments?post=314"}],"version-history":[{"count":1,"href":"https:\/\/sites.wp.odu.edu\/dchoi201s\/wp-json\/wp\/v2\/posts\/314\/revisions"}],"predecessor-version":[{"id":315,"href":"https:\/\/sites.wp.odu.edu\/dchoi201s\/wp-json\/wp\/v2\/posts\/314\/revisions\/315"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/dchoi201s\/wp-json\/wp\/v2\/media?parent=314"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/dchoi201s\/wp-json\/wp\/v2\/categories?post=314"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/dchoi201s\/wp-json\/wp\/v2\/tags?post=314"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}