Get Paid to Participate - up to $1 per post!     Twitter     Facebook
Hosting Discussion

forgot password?



  Post #1 (permalink)   10-12-2018, 01:49 AM
HD Newbie
Join Date: Oct 2017
Posts: 31

Status: bountysite is offline
I have been going back and forth on how to provide Bug Bounty program for Hosting.

Bounty Program is a reward program where security researchers get paid for discovering and reporting software bugs.
So, the idea is to get paid for every severe threat/new malware in site. The site is backed up and all scans are run offline. The customer is notified and charged bounty 1$, and can then fix by applying our free patches or upgrade/fix on his/her own. This only works for open source applications.

I am stuck with how to charge customers.
1) Customer can pre buy 5 bounties(at 1$ each) with 5 year validity and max 5$ cap per year(beyond which all are free). On exhaustion, customer would have to refill.

Bounty model makes sense for a customer, for a proactive security measure. From our perspective, this model works for large scale customers. Patch Manager can be made free.

2) Give everything as backup service and price accordingly. We loose the fun of Bounty.

The truth about security is nobody can guarantee 100% security. With Bounty model, we are only charging customer for a True positive threat/malware. It is worth every penny for a customer, and it is servicable.

What is your take on this?
BountySite: Website Threat Hunting Platform
Every website deserves security

Last edited by bountysite : 10-12-2018 at 01:54 AM. Reason: forgot to mention backup

Thread Tools

New Post New Post   Old Post Old Post
Posting Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Sponsored By: