LinkedIn says private bug bounty program works for it better

LinkedIn plans to continue closely vetting researchers for its bug bounty rewards program, saying it reduces the number of distracting erroneous and irrelevant reports.

The decision to keep its program private “gives our strong internal application security team the ability to focus on securing the next generation of LinkedIn’s products while interacting with a small, qualified community of external researchers,” wrote Cory Scott, LinkedIn’s director of information security, in a blog post.

Security researchers with vetted backgrounds are invited to participate, which allow them to have the same experience as if they were on LinkedIn’s internal security team, Scott wrote.

To read this article in full or to leave a comment, please click here