Bug Bounty: How we upgraded security and teams
-
40 min
In this report, I will tell you how participation in Bug Bounty helped us at ATI.SU not only find vulnerabilities, but also implement security testing processes in teams. And also seriously improve in this topic ourselves.
I will share how we launched the first program: where we started, what we encountered, what had to be rebuilt and how this affected the teams. I will show real cases and numbers.
And most important, I will tell you how we approached triage, what role testers played in this and what this gave us.
Come if you want to take a look at Bug Bounty from the inside and learn how participation in this program can improve teams and processes.