wanderlustmyx

Not likely :) Hi everyone, Mary here from Customer Success.

As part of the launch and follow up process for our customers, we evaluate a customer’s policy, bounty structure, and scope and will provide advice if we think there’s not enough scope for hackers. For more difficult scopes, we can also do hacker matching.

Additionally, our hackers are pretty mighty! In most scenarios, a customer can expect their first bug after 24 hours of inviting hackers.

Great question. Yes, it's part of Customer Success' responsibility to look at the activity levels of our customers, especially when hackers notify us of any particular activity that we should address. We have in the past notified teams that we will be turning off their program due to negative interactions such as long periods of unresponsiveness to hackers. This is an active area we keep a close eye on.

Cat goes meow

It happens when the team decides to take a break for a lightening round of ping pong!

Absolutely! From my experience working with security teams, I know of one company who hired their top hacker to become their bug bounty program manager. I know of another company who actively tried to recruit a hacker from their bug bounty program. The security industry is always looking for great talent.