S3 Ep19.5: How NOT to be a bug bounty hunter

Feb 12, 2021 | 16 min | Season 3 | Ep. 19

Episode description

In this special mini-episode, Paul Ducklin talks to Sophos cybersecurity expert Chester Wisniewski about bug bounty hunting.


How does bug bounty hunting work? What should you do if you get a bug report that doesn't follow established protocol? Chester tells you how to deal with so-called "beg bounties", where self-styled "experts" beg you for money or even threaten you with ill-defined "problems" they claim to have found.


https://news.sophos.com/en-us/have-a-domain-name-beg-bounty-hunters-may-be-on-their-way


https://nakedsecurity.sophos.com/beware-of-technical-experts-bombarding-you-with-bug-reports


Original music by Edith Mudge


Got questions/suggestions/stories to share?

Email tips@sophos.com

Twitter @NakedSecurity

Instagram @NakedSecurity
