Bug bounties ... generally a decent idea but one of those ideas that gets broken in the implementation pretty easily. I got a peek at a start-up that is aiming to serve the under-served, the mid-market enterprises with bug-bounty-as-a-service (BBaaS?) in a way that may not only be sustainable, but may actually deliver some badly needed business value. Take a look...
Calculating risk -- and what to do about it -- has long been one of the most difficult parts of computer security. On the one hand, you don't want to apply so much security that it ties operations in knots. On the other, the risks of insufficient protection can be catastrophic. So how do you quantify risk and apply the right amount of resources to offset potential threats?
Post from: Trendlabs Security Intelligence Blog - by Trend Micro
The Risks of the Out of Office Notification