At Business Reporter, we publish a website about cyber-security, teiss.co.uk (take a look: everyone needs cyber-security). Needless to say, hackers are constantly trying to break it!
Keeping Business Reporter and teiss safe is important. We don’t want people publishing unauthorised content or hackers stealing the contact details of our subscribers.
However, as with any small business, it is very hard to find the time and resources needed to keep it secure. New weaknesses in popular publishing platforms such as WordPress (which we use) are always coming to light. It’s hard to keep up, and we can never be totally sure that we have found all the potential bugs or security weaknesses.
Then we came across bug-bounty.com and realised that tracking down bugs in our systems would be less troublesome than we first thought.
What is a bug bounty?
Bug bounty programmes offer rewards to ethical hackers who discover bugs or security weaknesses. They are often run by big software publishers such as Microsoft so they can fix these issues before they’re discovered and exploited by the bad guys.
Companies often hire a team to test the security of their website or system before deployment. But what happens when new features or updates are pushed? What about the bugs or weaknesses that these teams miss?
This is why it makes sense to sign up to a bug bounty programme: the system gets tested by a vast range of freelance security experts, not just one team. Bug bounty programmes also ensure that the system is always being tested, not just at one point in time, so bugs introduced by new features or updates get caught and fixed before they are exploited by black-hat hackers.
What are ethical hackers?
An ethical hacker is a security expert skilled in testing the security of websites, mobile apps and IT systems to identify bugs and vulnerabilities. These professional bounty hunters employ the same techniques used by black-hat hackers, but do so legitimately with the permission of the owner. This helps identify and resolve any vulnerabilities before they are found by hackers who are rather less ethical.
Many companies attempt to run their own bug bounty programmes, but finding and managing a team of freelance hackers isn’t simple. Are they ethical? Are they skilled? Will they be bothered to work for you? And are the bugs that they uncover genuine problems?
This is why even huge companies like Amazon do not run their own bug bounty programmes in-house, choosing to run them through a bug bounty platform. However, these bug bounty platforms are very expensive to start with as they are geared towards such big companies. And that’s where bug-bounty.com comes in.
© 2024, Lyonsdown Limited. Business Reporter® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543