Not so long ago, only a few companies were able to launch a bug bounty program, since a full-time multidisciplinary team was required to efficiently implemented. Today, there are several online alternatives that offer their clients certain infrastructures and the ability to contact white hat hackers, acting merely as intermediaries and not offering any value-added service.
Tarlogic approaches this type of services as an complete management of the program in every single phase, so it can be seamlessly integrated as an additional data source to the already existing client’s vulnerability management processes, using the same interfaces – issue ticketing tool, reporting system, etc.
Tarlogic will provide you with a team of experts to handle technical and program coordination tasks. The team will be flexible, and the number of dedicated analysts will depend on the volume of reports received, as well as their complexity.
A full-time assigned team leader will be the only contact person. This leader will be familiar with your organization, as well as the different departments involved with the system flaws resolution, since he will also be in charge of coordinating and executing the follow-up activities. In any case, your company’s CISO will determine the level of integration with the company’s existing management processes and tools, or whether an ad-hoc service is preferred.