"Bug bounties: risks and rewards"
Episode Synopsis
A growing number of organisations now offer "bug bounties", paying hackers or security researchers rewards for finding vulnerabilities.
But how do these programmes operate, and how do CISOs ensure that they are run ethically? What are the risks of inviting researchers to hack your organisation? How do bug bounties stack up against other methods of security testing?
And what are the benefits to security researchers themselves, as the programmes cannot work without hackers?
We cover the pros and cons of bug bounties with Ottilia Westerlund, hacker engagement manager at bug bounty platform Intigriti, and herself a former software engineer and published security researcher.
From the podcast Security Insights.