Writing Vulnerability Reports that Maximize Your Bounty Payouts
Originally streamed Friday, April 1 at 10AM PDT
Kymberlee Price gives her talk "Writing Vuln Submissions that Maximize Your Payouts" which she originally presented at Nullcon 2016 during the "Bounty Craft" Track.
This 30 minute talk discusses several critical steps to writing great vulnerability submissions that will speed up issue triage for the incident response team receiving your report (and result in higher bounty payouts). Examples of common mistakes will be reviewed with real submissions received by Bugcrowd.
- What to look at when reading the bounty brief
- How to communicate impact using the STRIDE model
- How to verify findings and provide POC & attack scenarios