Speaker: Mike Shema, VP of SecOps and Research, Cobalt.io

The crowdsourced security model has been embraced by organizations running bug bounty programs. These programs are intended to discover and resolve vulns in production applications. However, without good preparation or supporting processes, they too often deviate from an effective part of the security development lifecycle into a source of noise. This presentation demonstrates how to measure and manage the time and budget invested in vuln …