By LegalEdge News

Bug Bounty Programmes

Bug bounty programmes are becoming increasingly popular in both the public and private sectors. They allow companies to leverage the hacker community to discover and report vulnerabilities and bugs in websites and software in return for compensation.

See the FAQs below from Evalian, the data protection and cyber security specialists, to help you decide if they might be useful for you.

What is a bug bounty programme?

What is the difference between public and private bug bounty programmes?

Why should you consider a bug bounty programme?

The pros of bug bounty programmes  

The cons of bug bounty programmes

Making bug bounties work for your business

If you’re considering a bug bounty programme, a good place to start is by setting up a vulnerability disclosure process. This will allow security researchers, or even the public, to contact you should they find a weakness in your systems. Evalian also recommend reading the National Cyber Security Centre’s advice on vulnerability disclosures as a start. Ultimately, bug bounty programmes can be a solid addition to your vulnerability management process, complemented by penetration testing and regular vulnerability scanning. You can contact Evalian on if you want to discuss your options with them in more detail.

And if you need help pulling together your terms and conditions for your Bug Bounty Programme please get in touch with us on 
