Katie Moussouris is the founder and CEO of Luta Security, which helps organizations create vulnerability coordination programs. She says organizations running such programs should avoid thinking of these efforts as quick-fix “bug bounty Botox” to be repeated ad nauseam. Instead, she recommends using such crowdsourced programs to improve the “secure development and deployment life cycle,” focusing on “building a sustainable ecosystem” and hiring some of the best people reporting these flaws. The dark side of relying on the gig economy for bug hunting is the dark side, she says.”]
Source: https://www.cuinfosecurity.com/so-you-want-to-build-vulnerability-disclosure-program-a-14859