Bug Bounty Hunters

Where have you heard the word bounty, or maybe bounty hunter? I'm positive it was from a television show; at least for me, that was the case. I heard it in Lucifer! Anyhow, in professional terms, bounty hunters, also called bail enforcement officers, are professionals who capture fugitives or criminals for a commission or bounty. These personnel work with law enforcement to lure fugitives out of hiding and bring them to justice. But this post is not about those bounty hunters; it is about a different kind of bounty hunter in the cyber security sphere: bug bounty hunters.

Ethical Hacking and Bug Bounty Hunting

A bug bounty hunter is an individual who discovers and reports software bugs. But wait! There is a well-known term we already use for that, you might say, and if it is Ethical Hacking you have in mind, I would say those are two different things. Ethical hacking is mainly penetration testing (pen tests) carried out by a company that specializes in that task. Pen tests are performed by experienced ethical hackers employed by specialist cyber security companies. Professional ethical hackers are required to hold qualifications in cyber security, which ensures that they have in-depth knowledge of the legal, technical, and ethical aspects of testing. Bug bounty hunters, on the contrary, can be a mixture of professional ethical hackers and amateurs. Mostly, it is students who are attracted to Bug Bounty Programs (BBP).

What Is A Bug Bounty Program?

A bug bounty program is a crowdsourcing program (one that uses the talents of the crowd) offered by websites, organizations, and software developers that rewards individuals for discovering and reporting software bugs. In return for the bugs found, the bounty hunter receives recognition and compensation. The ultimate goal is to allow developers to remedy any bug before the general public becomes aware of it. Well-renowned companies like Mozilla, Google, Facebook and Microsoft have implemented Bug Bounty Programs (BBP).

Penetration Testing vs. BBP

Penetration testing, as mentioned before, is a well-known and established type of cyber security assessment carried out by a company that specializes in ethical hacking. BBP help explore the vulnerabilities of already well-secured platforms further and find any bugs that are left.
Fundamentally, a penetration test differs from a BBP in its resources, that is, the people who carry out each. While pen tests are carried out by experts, a BBP can be carried out by both experts and amateurs.
Pen tests are usually carried out to meet the specific needs of a particular client. Different types of assessment, such as internal and external network testing, web application testing and wireless testing, are carried out under this heading. A BBP, on the other hand, is only concerned with testing publicly available web applications, and the scope of the testing in a BBP is not so well defined.
In terms of duration, a pen test is carried out over a relatively short period, whereas a BBP has no hard and fast deadlines as such and so is best suited to continuous testing with frequent release cycles.
Cost-wise, pen tests are usually priced on the number of days the hackers need to achieve the agreed-upon objectives. On most BBP platforms, organizations are allowed to set the price they are prepared to pay.
Even though BBP have become popular nowadays, in terms of feedback pen testing is better, since a penetration test will not only identify exposures but will also provide the feedback and support needed to address them. Bug bounty programs are focused solely on discovering vulnerabilities, and for this reason the level of feedback will generally be low.


Comments

  1. This is my first time reading on this topic. I'm a little curious about how the rewarding happens in these programs. Since amateurs also carry out the testing, there can be reliability issues. So, how do they reward?

    Replies
    1. It is for critical flaws that they are rewarded, Dulanga. Only if somebody finds a real, critical flaw in the software do they get a reward. This is not pre-promised or in proportion to the time someone spends finding it. This reward, or bounty, can be a monetary reward, being put into a "hall of fame" list for finding the bounty, gear from the company giving the bounty, or any combination of the above. Anyone in the world is free to scrutinize the code of an open source application and look for flaws. There are rules of course, an instance of which you can find by following this link: https://ostif.org/bug-bounties-what-they-are-and-why-they-work/

  2. As we know, allowing a pen test or a BBP test to be conducted means exposing the business or organization to a third party. So what kind of resources are taken from the client (business/organization) in order to conduct these two types of testing?

    Replies
    1. Yes, Ruvishka. That's true, especially for penetration testing compared with BBP, since in a BBP only websites and web applications that are publicly accessible are exposed for the hackers to find bugs. But in pen testing there are many types of assessment, ranging from internal and external network testing to web application testing, wireless testing, and more. That's why, unlike BBP, pen tests are carried out by a company that specializes in ethical hacking. Unlike BBP, pen tests include proper planning and preparation to ensure that the pen test itself does not become a vulnerability for the company.

  3. Comprehensive writeup, Pramodi. Are there any specific bug bounty hunting tools?

    Replies
    1. Yes, Chamal. In fact, there are plenty of tools such as HackBar, Wfuzz, IronWASP, Burp Suite, Google Dorks, and many more. For a comprehensive read on the same, please refer to the following link: https://resources.infosecinstitute.com/certification/top-10-security-tools-for-bug-bounty-hunters/

  4. Nice flow, Pramodi. Bug bounty hunting is new information for me. Thank you for making us aware of the latest information.
