Critical Thinking - Bug Bounty Podcast
Episode 30: Recon Legend Shubs - From Burgers to Bounties
Aug 3, 2023
Renowned bug bounty hunter Shubs shares his journey from burgers to bugs and his love of collaboration. The podcast covers topics such as the art of debugging, ethics and economics of bug bounty hunting, the transition to Entrepreneur, and the evolution of Assetnote from a reconnaissance tool to enterprise security software suite.
01:19:25
Episode guests
AI Summary
AI Chapters
Episode notes
Podcast summary created with Snipd AI
Quick takeaways
- Bug bounty hunters employ strategic reporting decisions to optimize earnings, considering factors like ethics, relationships, and security improvement.
- Transferrable skills from bug bounty hunting to entrepreneurship include the ability to navigate diverse responsibilities and tackle different challenges.
Deep dives
Bug bounty economics and reporting
Bug bounty hunters face strategic decisions around reporting multiple vulnerabilities and optimizing their earnings. Options include reporting all vulnerabilities together, reporting one by one, or waiting to report vulnerabilities until after earlier ones have been patched. The approach depends on the bug hunter's goals, ethics, and relationship with the program. Reporting a vulnerability as a zero-day may result in less payment, so some bug hunters omit that information from their reports. The bug bounty economics are complex and involve considerations of relationships, ethics, and security improvement.
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
