undefined | Better HN

0 pointsjcims5y ago0 comments

> The bug value also shows how much Slack here values their security, and makes me wary of them if I was in the place to be a customer of theirs.

Most directly it shows how they value a bug bounty program. There are companies that spend hundreds of millions of dollars per year and have thousands of people in their infosec program that don’t have bug bounty programs.

You can extrapolate that to how they value security but that’s not necessarily directly correlated.

0 comments

albntomat05y ago

>There are companies that spend hundreds of millions of dollars per year and have thousands of people in their infosec program that don’t have bug bounty programs.

Such as?

jcimsOP5y ago

Large banks in the US.

j / k navigate · click thread line to collapse