Doug, our battle-hardened cybersecurity veteran, has seen just about everything. But even he did a double-take when an email landed in his inbox recently: someone claimed to have found vulnerabilities on his company’s website and straight-up asked, “So, what’s the payout for this info?” Without missing a beat, Doug responded that his company doesn’t pay for vulnerabilities and requested more details. The reply? “Not a chance.” It’s a perfect example of what’s being called a “beg bounty” in the industry, and it’s becoming more common. Naturally, we at the Canadian Cybersecurity Network.com (CCN) decided to dig a little deeper to find out what’s driving this trend. Read More
