[Owasp-board] Bugcrowd for OWASP Projects

Jim Manico jim.manico at owasp.org
Fri Jan 15 23:08:27 UTC 2016


I feel that overall we've been doing a lot of free advertising for 
bugcroud. I think they should be treated like an *vendor* (paying us for 
advertisement), and not a service provider (we pay them to use their 

If we want to pay them as a service provider, then I feel we should do 
an open RFC and let the other bounty platforms bid.

- Jim

On 1/15/16 4:06 AM, Josh Sokol wrote:
> Bugcrowd sponsored the Austin Security Professionals Happy Hour last 
> night and I had a brief conversation with one of their account guys.  
> He mentioned to me that they were working with Sarah in the past on a 
> possible barter sponsorship of OWASP.  He mentioned something like a 
> Silver sponsorship in exchange for using Bugcrowd's platform for 
> managing the testing of OWASP projects.  Since there has been some 
> discussions around that in the past, I figured it was worthwhile to at 
> least bring it to the group for discussion. I would assume that we 
> would still be responsible for paying out bounties, but they would 
> donate the management of the program to us.  I'm happy to get the 
> conversation started if we'd be interested or tell him no if we're 
> not.  I'd be interested in hearing your thoughts.
> ~josh
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20160115/81b58866/attachment.html>

More information about the Owasp-board mailing list