HackerOne’s 2018 Hacker-Powered Security Report showed that the average award for critical vulnerabilities has increased.

More companies are looking to adopt “safe harbor” language in their bug bounty programs to build trust with participants.

Mickos sat down with Threatpost’s Lindsey O’Donnell to talk about bug bounty program opportunities, challenges, and ultimately how programs are evolving. 

Can bug bounty programs be designed to protect consumer privacy and how do programs balance white hat disclosure versus companies sitting on vulnerabilities until they are fixed?

An unnamed firm is paying up to $250,000 for vulnerabilities related to its virtualization platform.

The Tor Project is launching a public bug bounty program to encourage security researchers to responsibly report issues they find in the software.

HackerOne released its first report on its bug bounty program, and reveals an industry shift toward enlisting hackers for better cybersecurity.

Twitter fixed a flaw in its Twitter Ads service could have allowed an attacker to tweet as any user.

The Hack the Air Force bug bounty program invites white hats from inside and outside the U.S. to hack its websites.

GitHub awarded $18,000 to a researcher after he came across a remote code execution bug in the company’s enterprise management console.