What Shopify has learned from five years of bug bounty programs
In this op-ed, a senior security engineer for Shopify discusses what has made the company's bug bounty program so successful. (Hint: it's the not the payouts.)
HackerOne cuts ties with mobile voting firm Voatz after it clashed with researchers
It's the first program that has ever been kicked off the HackerOne platform, according to a HackerOne spokesperson.
Cyber Command’s bug bounty program uncovers more than 30 vulnerabilities
The bug bounty program, sponsored by U.S. Cyber Command, zeroed in on finding vulnerabilities external to the Department of Defense Information Network.
California's new labor law is going to impact bug bounty companies. By how much is unknown.
Uber and Lyft aren't the only companies wrestling with California's new labor law.
Why bug bounty firms want to be penetration testing companies
The bug bounty workforce isn't a large one -- so bug bounty companies are pivoting to a different model.
HackerOne thinks its freelance hackers can conduct penetration tests better than actual pentesting companies
The penetration testing market now sits at roughly $1 billion, according to CEO Marten Mickos, nearly ten times more than bug bounties.