Bug Bounty Programs for Cybersecurity: Practices, Issues, and Recommendations

被引:27
作者
Malladi, Suresh S. [1 ]
Subramanian, Hemang C. [2 ]
机构
[1] Univ Arkansas, Sam Walton Coll Business, Informat Syst, Fayetteville, AR 72701 USA
[2] Florida Int Univ, Business Sch, Informat Syst & Business Analyt, Miami, FL 33199 USA
来源
IEEE SOFTWARE | 2020年 / 37卷 / 01期
关键词
Crowdsourcing; Fuzzing; Computer hacking; Tools; Computer bugs; Bug-Bounty; Hackers; Cyber-Security; SOFTWARE;
D O I
10.1109/MS.2018.2880508
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Drawing upon crowdsourcing, bug bounty programs (BBPs) are entering the mainstream security practice in organizations. We analyze and recommend best practices in five main BBP areas: scoping of BBPs, timing of crowd engagement, submission quality, firm-researcher communication, and hacker motivation.
引用
收藏
页码:31 / 39
页数:9
相关论文
共 50 条
[41]   A Comprehensive Review on Cybersecurity Issues and Their Mitigation Measures in FinTech [J].
Ali G. ;
Mijwil M.M. ;
Buruga B.A. ;
Abotaleb M. .
Iraqi Journal for Computer Science and Mathematics, 2024, 5 (03) :45-91
[42]   Nursing students' cybersecurity practices and perceptions and cybersecurity crime awareness: A cross-sectional study [J].
Yalcinkaya, Turgay ;
Tuncer, Metin ;
Tuncer, Gulsum Zekiye ;
Erol, Ahmet ;
Yucel, Sebnem Cinar .
NURSE EDUCATION TODAY, 2025, 153
[43]   A bibliometric review of Internet of Things (IoT) on cybersecurity issues [J].
Ganji, Kashmira ;
Afshan, Nikhat .
JOURNAL OF SCIENCE AND TECHNOLOGY POLICY MANAGEMENT, 2025, 16 (06) :984-1002
[44]   CYBERSECURITY OF PUBLIC REGISTERS IN POLAND: SELECTED LEGAL ISSUES [J].
Gryszczynska, Agnieszka .
GEOGRAPHIC INFORMATION SYSTEMS CONFERENCE AND EXHIBITION - GIS ODYSSEY 2016, 2016, :105-113
[45]   COVID-19: cybersecurity issues in times of pandemic [J].
Imamverdiyev, Yadigar ;
Sukhostat, Lyudmila .
ELECTRONIC GOVERNMENT- AN INTERNATIONAL JOURNAL, 2024, 20 (05) :569-590
[46]   Medical Internet of Things and Legal Issues Regarding Cybersecurity [J].
Chou, Chien-Cheng .
IOT AS A SERVICE, IOTAAS 2017, 2018, 246 :50-53
[47]   Cybersecurity Issues in Electrical Protection Relays: A Systematic Review [J].
Gaggero, Giovanni Battista ;
Girdinio, Paola ;
Marchese, Mario .
ENERGIES, 2025, 18 (14)
[48]   Addressing Cybersecurity Issues in ERP Systems - Emerging Trends [J].
Anica-Popa, Liana-Elena ;
Vrincianu, Marinela ;
Pugna, Irina-Bogdana ;
Boldeanu, Dana-Maria .
PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON BUSINESS EXCELLENCE, 2024, 18 (01) :1306-1323
[49]   Augmenting Cybersecurity in Autonomous Vehicles: Innovative Recommendations for Aspiring Entrepreneurs [J].
Khan, Muhammad Khurram ;
Quadri, Amanullah .
IEEE CONSUMER ELECTRONICS MAGAZINE, 2021, 10 (03) :111-116
[50]   Cybersecurity Practices At The Initial Stages Of The Software Engineering Process [J].
Gonzalez, Hugo ;
Llamas-Contreras, Rafael ;
Guerra-Garcia, Cesar .
2021 9TH INTERNATIONAL CONFERENCE IN SOFTWARE ENGINEERING RESEARCH AND INNOVATION (CONISOFT 2021), 2021, :219-226
12345