Play by Play: Bug Bounties for Companies
by Casey Ellis and Troy Hunt
In this course, you’ll learn how your organization would benefit from a bug bounty and how to determine if it’s ready to undertake a bug bounty program of its own.
What you'll learn
In this course, Play by Play: Bug Bounties for Companies, Troy Hunt and Casey Ellis discuss bug bounties from the perspective of organizations interested in running their first bug bounty program. Learn the purpose bug bounties serve, how bug bounties are run, and how to position a bug bounty program to leadership in order to get buy-in for the program. By the end of this course, you’ll be able to speak to the benefits of a bug bounty program and ascertain if your organization is ready to undertake a bug bounty of its own.
About the authors
Casey Ellis is founder, CTO, and chairman of the board of Bugcrowd. He started life in infosec as pentester, moved to the dark side of solutions architecture and sales, and finally landed as a career entrepreneur. He's been in the industry for 15 years, working with clients ranging from startups to government to multinationals, and awkwardly straddles the fence of the technical and business sides of information security. Casey pioneered the Bug Bounty as-a-Service model launching the first progr... moreams on Bugcrowd in 2012, and has presented at Blackhat, Defcon, Derbycon, SOURCE Boston, AISA National, and many others. He is happy as long as he's got a problem to solve, an opportunity to develop, a kick ass group of people to bring along for the ride, and free reign on t-shirt designs.
Troy Hunt is a Microsoft Regional Director and MVP for Developer Security, an ASPInsider, and a full time Author for Pluralsight—a leader in online training for technology and creative professionals. Troy has been building software for browsers since the very early days of the web and possesses an exceptional ability to distill complex subjects into relatable
explanations. This has led Troy to become an industry thought leader in the security space and produce more than twenty top-rated courses ... morefor Pluralsight. Currently, Troy is heavily involved in Have I been pwned? (HIBP) a free service that aggregates data breaches and helps people establish potential impacts from malicious web activity. Troy blogs regularly about web security and is a frequent speaker at industry
conferences across the globe and throughout the media to discuss a wide range of technologies. Troy has been featured in a number of articles with publications including Forbes, TIME magazine, Mashable, PCWorld, ZDNet and Yahoo! Tech. Aside from technology and security, Troy is an avid snowboarder, windsurfer and tennis player