iSEC Partners - Responsible Disclosure/Bug Bounty

Doug Milliman dmilliman at isecpartners.com
Tue May 5 17:22:34 EDT 2015


Good afternoon Lynn,

I hope this email finds you well. I wanted to reach out regarding your Bug Bounty Program. It's a very hot topic for a lot of companies, I was curious how it is working for you? Have you given any thought about having a 3rd party manage that program?

There are a number of reasons companies are starting to use 3rd party vendors to manage their Bug Bounty Program. They may not have the bandwidth to triage issues, the resources to handle the flood of bugs (finding legitimate bugs that maybe hidden amongst duplicate reports) following a new acquisition or product launch, there are payment issues when dealing with individuals outside of the US, and the challenge communicating with external researchers (typically via email).

iSEC Partners offer a solution that makes it seamless for you to implement this entire process. This program combines the distinguished HackerOne platform and the world-class consulting services from iSEC Partners to manage your Bug Bounty program which enables your team to leverage a deep, diverse pool of security expertise to continually probe external attack surface with unparalleled levels of meticulous creativity.

That being said, I'd like to set up a meeting and hear more about your program. What is your availability this week?

Regards,
Doug

Douglas Milliman
iSEC Partners
415-268-9255
www.isecpartners.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pidgin.im/cgi-bin/mailman/private/security/attachments/20150505/5da03e32/attachment.html>


More information about the security mailing list