Bug bounty programs were a major topic of discussion during a panel I moderated on risk management at the Money20/20 finance and tech conference in Las Vegas a couple weeks ago. These programs compensate hackers for poking holes in a company's products and finding and reporting any vulnerabilities to the people who can fix them. Ideally, they help companies root out flaws in their code and hardware, making the world safer for businesses and consumers.
My panelists were Philip Martin, head of security at Coinbase, the cryptocurrency exchange privately valued at $8 billion, and M?rten Mickos, CEO of HackerOne, a startup that helps companies set up and manage bug bounty programs. (Coinbase has had a bug bounty program in place since its founding in 2012; it's a customer of HackerOne.)