Beyond the Bugs: Enhancing Bug Bounty Programs through Academic
Partnerships

D 2024

Beyond the Bugs: Enhancing Bug Bounty Programs through Academic Partnerships

KRIŠTOFÍK, Andrej, Jakub VOSTOUPAL, Kamil MALINKA, František KASL, Pavel LOUTOCKÝ et. al.

Základní údaje

Originální název

Beyond the Bugs: Enhancing Bug Bounty Programs through Academic Partnerships

Autoři

KRIŠTOFÍK, Andrej, Jakub VOSTOUPAL, Kamil MALINKA, František KASL a Pavel LOUTOCKÝ

Vydání

New York, ARES '24: Proceedings of the 19th International Conference on Availability, Reliability and Security, od s. 1-8, 8 s. 2024

Nakladatel

Association for Computing Machinery

Další údaje

Jazyk

angličtina

Typ výsledku

Stať ve sborníku

Obor

50501 Law

Stát vydavatele

Spojené státy

Utajení

není předmětem státního či obchodního tajemství

Forma vydání

elektronická verze "online"

Odkazy

URL

Organizační jednotka

Právnická fakulta

DOI

http://dx.doi.org/10.1145/3664476.3670455

Klíčová slova anglicky

Cybersecurity; Bug Bounty; ethical hacking; education; curriculums

Příznaky

Mezinárodní význam, Recenzováno

Změněno: 1. 8. 2024 16:07, Mgr. Andrej Krištofík

Anotace

V originále

This paper explores the growing significance of vulnerability disclosure and bug bounty programs within the cybersecurity landscape, driven by regulatory changes in the European Union. The effectiveness of these programs relies heavily on the expertise of participants, presenting a challenge amid a shortage of skilled cybersecurity professionals, particularly in less sought-after sectors. To address this issue, the paper proposes a collaborative approach between academia and bug bounty issuers. By integrating bug bounty programs into cybersecurity courses, students gain practical skills and soft skills essential for bug hunting and cybersecurity work. The collaboration benefits both issuers, who gain manageable manpower, and students, who receive valuable hands-on experience. A pilot conducted during the current academic year yielded positive results, indicating the potential of this approach to address the demand for skilled cybersecurity professionals. The insights gained from the pilot inform future considerations and advancements in this collaborative model.

Návaznosti

VJ03030052, projekt VaV

Název: Rozvoj kapacit v oblasti kyberbezpečnosti

Investor: Ministerstvo vnitra ČR, Rozvoj kapacit v oblasti kyberbezpečnosti

Citovat

KRIŠTOFÍK, Andrej, Jakub VOSTOUPAL, Kamil MALINKA, František KASL a Pavel LOUTOCKÝ. Beyond the Bugs: Enhancing Bug Bounty Programs through Academic Partnerships. Online. In ARES '24: Proceedings of the 19th International Conference on Availability, Reliability and Security. New York: Association for Computing Machinery, 2024, s. 1-8. Dostupné z: https://dx.doi.org/10.1145/3664476.3670455.

@inproceedings{2421138,
   author = {Krištofík, Andrej and Vostoupal, Jakub and Malinka, Kamil and Kasl, František and Loutocký, Pavel},
   address = {New York},
   booktitle = {ARES '24: Proceedings of the 19th International Conference on Availability, Reliability and Security},
   doi = {http://dx.doi.org/10.1145/3664476.3670455},
   keywords = {Cybersecurity; Bug Bounty; ethical hacking; education; curriculums},
   howpublished = {elektronická verze "online"},
   language = {eng},
   location = {New York},
   pages = {1-8},
   publisher = {Association for Computing Machinery},
   title = {Beyond the Bugs: Enhancing Bug Bounty Programs through Academic Partnerships},
   url = {https://dl.acm.org/doi/10.1145/3664476.3670455},
   year = {2024}
}

TY  - JOUR
ID  - 2421138
AU  - Krištofík, Andrej - Vostoupal, Jakub - Malinka, Kamil - Kasl, František - Loutocký, Pavel
PY  - 2024
TI  - Beyond the Bugs: Enhancing Bug Bounty Programs through Academic Partnerships
PB  - Association for Computing Machinery
CY  - New York
KW  - Cybersecurity
KW  - Bug Bounty
KW  - ethical hacking
KW  - education
KW  - curriculums
UR  - https://dl.acm.org/doi/10.1145/3664476.3670455
N2  - This paper explores the growing significance of vulnerability disclosure and bug bounty programs within the cybersecurity landscape, driven by regulatory changes in the European Union. The effectiveness of these programs relies heavily on the expertise of participants, presenting a challenge amid a shortage of skilled cybersecurity professionals, particularly in less sought-after sectors. To address this issue, the paper proposes a collaborative approach between academia and bug bounty issuers. By integrating bug bounty programs into cybersecurity courses, students gain practical skills and soft skills essential for bug hunting and cybersecurity work. The collaboration benefits both issuers, who gain manageable manpower, and students, who receive valuable hands-on experience. A pilot conducted during the current academic year yielded positive results, indicating the potential of this approach to address the demand for skilled cybersecurity professionals. The insights gained from the pilot inform future considerations and advancements in this collaborative model.
ER  -

KRIŠTOFÍK, Andrej, Jakub VOSTOUPAL, Kamil MALINKA, František KASL a Pavel LOUTOCKÝ. Beyond the Bugs: Enhancing Bug Bounty Programs through Academic Partnerships. Online. In \textit{ARES '24: Proceedings of the 19th International Conference on Availability, Reliability and Security}. New York: Association for Computing Machinery, 2024, s.~1-8. Dostupné z: https://dx.doi.org/10.1145/3664476.3670455.

Podrobný výpis o publikaci