Tapping Hackers for Continuous Security — Michiel Prins at FinDEVr

Bug bounty programs are popping up all over the place, as more and more companies embrace collaborating with friendly hackers to find vulnerabilities before cyber criminals have a chance to exploit the same bugs for nefarious purposes. Today, most fintech companies are running these programs in private. Whether you run an active bug bounty program, or if your security@ email address is routed to /dev/null, this session will help attendees shed blind dogma and walk away armed with an analytical approach towards building an effective vulnerability disclosure program.

What You’ll Learn:

How external hackers can help assess and quantify your security posture

Why a bug bounty program is or isn’t right for you

The building blocks of a vulnerability disclosure program and how to measure its impact on your software development lifecycle