Well, nothing new, except that I am preparing for two presentations related to bug bounties for CzechTest and Good Requirements 2013. Much harder to present than to test, but I think it’s good to try to do public speaking and share ideas (not only keeping it for yourself).
The presentations are not intended for experts in security, but are an introduction for software testers.
Another tip related to security bounties and halls of fame is to try sending anything, because good companies appreciate the effort even if you send something out of scope.
For example, in my case I have been added to the AT&T Hall of Fame and Samsung TV Bounty (and got rewarded financially too) even if my submissions were close, but not exactly what they asked for.
I heard Nokia gives a smartphone for useful bugs so you can try that too.
Again, I still promote bug bounties to testers. I think testers have the reflex to send useful security issues, even if they are not too familiar with security.
It’s still nice to be a bug hunter even if there are “colder” periods.
Lots of good testers don’t have that high an income, and I think $500 per bug is worthwhile for spending a few hours in many countries.
If it’s called “security” that should not be intimidating. It’s a lot about creativity and not that much technical.
I wish I had known about bug bounties a few years ago, but it’s not too late anyway, so that’s why I am sharing and promoting this idea.
In testing there are not too many consultants to popularize it, for various reasons: the bug bounty idea is relatively new, known consultants are not that technical, the field is seen as more separate than it should be, etc.
But I think it’s much better than just being part of a blame culture at your workplace, and maybe you can give it a thought.
I am in a blame culture environment most of the time.
What should I do?
Well, in the workplace environment this is hard to avoid. Being independent improves the situation, but still you have to deal with some crap too.
Thanks for your post.
Looking forward to reading your writings.
Congrats for Hall of Fame
Thanks! You should try participating in these bug bounties
Just checked the Hall of Fame at AT&T; you were mentioned.
I just checked AT&T; in just 5 mins I have found a bug.
How can I submit it?
Can you please share the info – the process?
You can send it to secure@att.com
Thanks…