What’s the Value of Bug Bounty Programs?

Tags:
social sciences

Researcher

Keren Elazari

The exploratory study aims to develop an economic model to assess the value of Vulnerability Reward (Bug Bounty) programs, in which software companies offer compensation to outside hackers who find vulnerabilities and disclose responsibly.

Research Question: What’s The Value of Bug Bounty Programs?

Financial Value : e.g. more efficient bug discovery process
Business / Organizational Value: e.g. a new source for HR hiring
Reputational Value: e.g. company is considered “more secure”
Technology Value: e.g. effect of program on product feature R&D
Legal/ Liability Value: e.g. lower cyber insurance premium

Latest Researches

Blavatnik ICRC News

The Cyberwarfare Front of the Israel-Gaza War

Cyber Week 2023

Blavatnik ICRC Researchers win Best Paper at CSCML 2023

Ambassadors Summit Hailed As Success 2022

"The Cyber Revolution and What Followed"

Professor Adam Morrison's Team Wins Intel's Hardware Security Academic Award

Will Europe Stay Behind the Innovation Curve?

New Researches