Here is an article which outlines details on an opinion about bug bounties. This same article was word for word posted to a mailing least at breachexchange@lists.riskbasedsecurity.com by Audrey McNeil. Article is located here: http://edmdigest.com/opinion/the-cybersecurity-bug-bounty-crusade/<p>I've assumed that this is a good practice based on personal professional experience and what I hear discussed in broader circles. This piece has a slight taste of distrust for the practice and carefully chooses words like 'Crusade', which don't carry a positive connotation.<p>Is it on target and how close to the ideal is it?
I realize that the article url in text is not transformed to a clickable url, here it is as a comment: <a href="http://edmdigest.com/opinion/the-cybersecurity-bug-bounty-crusade/" rel="nofollow">http://edmdigest.com/opinion/the-cybersecurity-bug-bounty-cr...</a>