We advocate for a centralized Bug Bounty Program of Last Resort to support critical open-source projects and smaller vendors unable to fund their own.

Analysis of leaked account numbers and impacts from major data breaches in Swiss industry and government, highlighting cyber threats from software vulnerabilities and insights into Swisscom’s Bug Bounty program.

Cybersecurity relies on coordinated vulnerability disclosure, but the black market offers large rewards for the same data. We explore the economics of denying cyber criminals access to new vulnerabilities.