Crowdsourced pay-per-bug model is reactive. Penetration tests are preventive. So... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

andersonmvd on Jan 28, 2016 | parent | context | favorite | on: Show HN: Building a Market for Penetration Testing

Crowdsourced pay-per-bug model is reactive. Penetration tests are preventive. So you're talking about different services for different stages. Penetration test is performed prior to release to production and after released, a crowdsource pay-per-bug takes place to stimulate white hats rather than black hats.

kenbaylor on Jan 28, 2016 [–]

Well described. Also pen testing is a litmus test that can be done anytime. The vuln models are for the few companies who have made great progress in squishing bugs and are taking a very proactive approach. Unfortunately that is still a small percentage of companies

Consider applying for YC's W25 batch! Applications are open till Nov 12.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact