Hey everyone. From a commercial perspective how popular are bug bounty programs?
I know in parts of Europe, APAC, and the US, and for big tech many firms already have programs in place, but the UK market has been much slower to adopt them.
Large organisations already have good security processes in place already (AV, email security, patching, etc.).
My question is really focusing on how CISOs and security professionals view bug bounties, and if they are to become part of the mainstream in cyber security in the UK? Or not? Will they be easy to “sell” or are they viewed with scepticism?
I ask this from a commercial perspective rather than tech!
I ask this as a security professional looking at the future of the market. I work for a pretty standard, old school MSP and want to innovate our model.