How to maximize ROI of Bug Bounties and penetration tests

I’ve been doing security bug hunting, penetration tests and managing in-house bug bounty programs for various companies, for over half a decade already. During that time I learnt that it doesn’t really happen too often that hiring company knows exactly what to do with security engagements results. I’d like to help and suggest what you … Continue reading How to maximize ROI of Bug Bounties and penetration tests →

Pentests vs BugBounty for startups and SMBs

I’ve been thinking quite a lot about coming up with a series of articles on how to secure small and medium organizations from the ground up. It was waiting for the right moment and it’s time to start it out, especially that very recently this question appeared on Peerlyst where I’ve put my $0.02 on … Continue reading Pentests vs BugBounty for startups and SMBs →