Bug Bounty Programs Are Not A Quick Fix

Security professionals have doled out millions to fund bug bounty programs that find vulnerabilities in their software. But are these programs worth it? A recent Veracode study finds that bug bounties may help, but are no match for a strong AppSec culture and program.

This report presents the results of a survey of 500 IT decision makers in the cybersecurity industry. It covers the statistics behind these security choices and the best options for thorough security programs. You will learn:

  • How to get the best results building a layered application security program
  • Why respondents think organizations rely too heavily on bug bounty programs to find application security risks
  • Why many IT professionals are concerned about a false sense of security – especially in applications
  • How to limit the need for bug bounties with developer training

“93% of cybersecurity ITDMs believe that most flaws uncovered in a bug bounty program could have been prevented by developer training or testing in the development phase.”

Offered Free by: Veracode, Inc.