Join the hosts of The Inverted Podcast for our first ever in-person recording as they dive into the world of bug bounty programs with special guest Marcel Eyer from GoBugFree in Zurich. In this episode, the team discusses the evolution of bug bounty platforms, the importance of external security testing, and the challenges companies face when deciding between public and private bounty programs. You’ll hear real-world insights on triaging bug reports, managing researcher relationships, and the pressures of timely vulnerability disclosure. The conversation explores how bug bounty programs fit into broader security strategies, their role in building developer skills, and the impact of AI and cloud technologies on vulnerability trends. The hosts also tackle the business side—how companies measure return on investment, set expectations for zero-day discoveries, and foster a thriving community of ethical hackers.
