Your bounty program has launched and is clicking along… but are you getting optimal results once the initial excitement wanes? How do you measure and report on program success? How can you build gamification and incentive models that lead to high value vulnerability reports, while discouraging low impact reports that distract your engineers from issues that put customers at risk?
By Chloe Brown
Full Abstract & Presentation Materials: https://www.blackhat.com/us-19/briefings/schedule/#managing-for-success-maintaining-a-healthy-bug-bounty-program-long-term-17348