Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Website Bug Bounty Security pricing suggestions
I have been going back and forth on how to provide Bug Bounty program for Hosting.

Bounty Program is a reward program where security researchers get paid for discovering and reporting software bugs.
So, the idea is to get paid for every severe threat/new malware in site. The site is backed up and scans are run offline. The customer is notified and charged 1$, and can then fix by applying our free patches or upgrade/fix on his/her own. This only works for open source applications.

I am stuck with how to charge customers.
1) Customer can pre buy 5 bounties(at 1$ each) with 5 year validity and max 5$ cap per year(beyond which all are free). On exhaustion, customer would have to refill.

Bounty model makes sense for a customer, for a proactive security measure. From our perspective, this model works for large scale customers. Patch Manager can be made free.

2) Give everything as backup service and price accordingly. We loose the fun of Bounty.

The truth about security is nobody can guarantee 100% security. With Bounty model, we are only charging customer for a True positive threat/malware. It is worth every penny for a customer, and it is serviceable.

Kindly make some suggestions.
BountySite - Backup, Security and Availability for Websites

Possibly Related Threads...
Thread Author Replies Views Last Post
  Security Hong kong electric vehicles research rate $22.50 Nayem 3 45 04-10-2018, 07:52 PM
Last Post: stubcreator
  Now be part of the ICO that is going to give you the financial security you always de John Bryce 0 35 12-01-2017, 07:16 AM
Last Post: John Bryce
  CCTV Security System Justin 1 382 09-29-2014, 08:32 PM
Last Post: gourysunshine
  Security system: The different Types of Alarms Justin 1 279 09-25-2014, 07:33 PM
Last Post: gourysunshine
  What is Burglar Alarm Security ? Justin 0 203 08-31-2014, 10:01 PM
Last Post: Justin

Forum Jump:

Users browsing this thread: 1 Guest(s)