Episode 67: In this episode of Critical Thinking - Bug Bounty Podcast we deep-dive on the topic of Vulnerability Disclosure Programs (VDPs) and whether they are beneficial or not. We also touch on the topic of leaderboard accuracy, and continue the Program VS Hacker debate regarding allocating funds for bounties.
Follow us on Twitter at: https://twitter.com/ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to https://twitter.com/realytcracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
Project Discovery Conference: https://nux.gg/hss24
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Resources:
Nagli's Braindump on VDPs
https://twitter.com/galnagli/status/1780174392003031515
Timestamps:
(00:00:00) Introduction
(00:05:37) VDP programs
(00:34:10) Leaderboards
(00:43:52) Hacker vs. Program debate Part 2
(01:07:24) Walling Off Endpoints
