THE GITHUB BUG BOUNTY STORY


Learn how hacker-powered security illuminated GitHub’s security blind spots, resulted in an ROI of “phenomenal,” and became a permanent part of their security program.
GitHub transitioned to the HackerOne platform to increase process control and have an easier means for finding, communicating with, and rewarding hackers. Now, after three years of bounties, the program has become a critical component of GitHub’s overall security apparatus.
There’s no question it’s a runaway success. There isn’t a single person in the company who thinks the bounty (program) was not successful. GitHub gets reports for low-risk issues that may or may not get fixed, but they still pay a small bounty to the hacker. Before HackerOne, it was too cumbersome to pay rewards for every report. Now, it’s easy… and for GitHub, it’s the right thing to do.
