Beyond the Bugs: Enhancing Bug Bounty Programs through Academic Partnerships

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14220%2F24%3A00139897" target="_blank" >RIV/00216224:14220/24:00139897 - isvavai.cz</a>

Výsledek na webu

<a href="https://dl.acm.org/doi/10.1145/3664476.3670455" target="_blank" >https://dl.acm.org/doi/10.1145/3664476.3670455</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1145/3664476.3670455" target="_blank" >10.1145/3664476.3670455</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Beyond the Bugs: Enhancing Bug Bounty Programs through Academic Partnerships

Popis výsledku v původním jazyce

This paper explores the growing significance of vulnerability disclosure and bug bounty programs within the cybersecurity landscape, driven by regulatory changes in the European Union. The effectiveness of these programs relies heavily on the expertise of participants, presenting a challenge amid a shortage of skilled cybersecurity professionals, particularly in less sought-after sectors. To address this issue, the paper proposes a collaborative approach between academia and bug bounty issuers. By integrating bug bounty programs into cybersecurity courses, students gain practical skills and soft skills essential for bug hunting and cybersecurity work. The collaboration benefits both issuers, who gain manageable manpower, and students, who receive valuable hands-on experience. A pilot conducted during the current academic year yielded positive results, indicating the potential of this approach to address the demand for skilled cybersecurity professionals. The insights gained from the pilot inform future considerations and advancements in this collaborative model.

Název v anglickém jazyce

Beyond the Bugs: Enhancing Bug Bounty Programs through Academic Partnerships

Popis výsledku anglicky

This paper explores the growing significance of vulnerability disclosure and bug bounty programs within the cybersecurity landscape, driven by regulatory changes in the European Union. The effectiveness of these programs relies heavily on the expertise of participants, presenting a challenge amid a shortage of skilled cybersecurity professionals, particularly in less sought-after sectors. To address this issue, the paper proposes a collaborative approach between academia and bug bounty issuers. By integrating bug bounty programs into cybersecurity courses, students gain practical skills and soft skills essential for bug hunting and cybersecurity work. The collaboration benefits both issuers, who gain manageable manpower, and students, who receive valuable hands-on experience. A pilot conducted during the current academic year yielded positive results, indicating the potential of this approach to address the demand for skilled cybersecurity professionals. The insights gained from the pilot inform future considerations and advancements in this collaborative model.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

50501 - Law

Projekt

<a href="/cs/project/VJ03030052" target="_blank" >VJ03030052: Rozvoj kapacit v oblasti kyberbezpečnosti</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2024

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

ARES '24: Proceedings of the 19th International Conference on Availability, Reliability and Security

ISBN

9798400717185

ISSN

—

e-ISSN

—

Počet stran výsledku

8

Strana od-do

1-8

Název nakladatele

Association for Computing Machinery

Místo vydání

New York

Místo konání akce

Vídeň

Datum konání akce

1. 1. 2024

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

001283894700099