{"id":217,"date":"2023-11-12T14:47:54","date_gmt":"2023-11-12T14:47:54","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/lferrcyse201s\/?p=217"},"modified":"2023-12-06T14:16:38","modified_gmt":"2023-12-06T14:16:38","slug":"week-11-journal-article-13","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/lferrcyse201s\/2023\/11\/12\/week-11-journal-article-13\/","title":{"rendered":"Week 11 &#8211; Journal Article # 13"},"content":{"rendered":"\n<p>From the journal article \u201cHacking for good: Leveraging HackerOne data to develop an economic model for Bug Bounties\u201d we learn that evidence supports the assertion that the policy of bug bounties, where third party hackers are compensated for identifying and communicating bugs or weaknesses in an organization\u2019s cyber systems is a cost-effective way for those companies to address potential weak spots.\u00a0 Unfortunately a large percentage of companies do not utilize bug bounties although that may be changing since 2019 as government agencies and private companies have began creating vulnerability disclosure policies that create a framework so that researches can submit bugs and weaknesses without concern of being sued.\u00a0 The journal article sought to provide more information on bug bounty markets based on a variety of different factors but ultimately further research was recommended.\u00a0 The article did find what it termed \u201csix significant findings\u201d which are as follows: 1) Hackers are price insensitive and not motivated by monetary gain; 2) Bug bounties are an effective cybersecurity tool for companies of all different profiles and sizes; 3) Some industries receive fewer bug reports than others; 4) New programs do not appear to impact the number of bugs reported in a given month; 5) Programs receive fewer bug reports over time as bugs become harder to identify and the risk\/reward analysis changes for hackers; and 6) More research is needed to adequately understand bug bounties and the positive and negative impact it has on public and private organizations and their cybersecurity.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>From the journal article \u201cHacking for good: Leveraging HackerOne data to develop an economic model for Bug Bounties\u201d we learn that evidence supports the assertion that the policy of bug bounties, where third party hackers are compensated for identifying and&#8230; <a class=\"more-link\" href=\"https:\/\/sites.wp.odu.edu\/lferrcyse201s\/2023\/11\/12\/week-11-journal-article-13\/\">Continue Reading &rarr;<\/a><\/p>\n","protected":false},"author":26769,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[5,1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/lferrcyse201s\/wp-json\/wp\/v2\/posts\/217"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/lferrcyse201s\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/lferrcyse201s\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/lferrcyse201s\/wp-json\/wp\/v2\/users\/26769"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/lferrcyse201s\/wp-json\/wp\/v2\/comments?post=217"}],"version-history":[{"count":1,"href":"https:\/\/sites.wp.odu.edu\/lferrcyse201s\/wp-json\/wp\/v2\/posts\/217\/revisions"}],"predecessor-version":[{"id":218,"href":"https:\/\/sites.wp.odu.edu\/lferrcyse201s\/wp-json\/wp\/v2\/posts\/217\/revisions\/218"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/lferrcyse201s\/wp-json\/wp\/v2\/media?parent=217"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/lferrcyse201s\/wp-json\/wp\/v2\/categories?post=217"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/lferrcyse201s\/wp-json\/wp\/v2\/tags?post=217"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}