Considering a bug bounty policy for ethical hackers? Let's weigh things up. Beltug Debate Room.

Location:virtual meeting



Security has never been higher in our members' priorities. Especially as, with the sudden and massive increase in homeworking, vulnerabilities are piling up and potential incidents are right around the corner.



One tool to identify weaknesses is a Coordinated Vulnerability Disclosure Policy (CVDP). This is a set of rules that allows ‘ethical hackers’ to investigate your system for flaws and then inform you about them.



Beltug cooperates with the Centre for Cybersecurity Belgium (CCB), to share information that can support our members’ security needs and goals. The CCB worked with intigriti to publish a ‘Guide to a Coordinated Vulnerability Disclosure Policy’ that covers both best practices and legal aspects. It includes reasons to adopt a CVDP, what should be included, the steps for creating your policy, data privacy, fraud and infractions, and more.



But there are plenty of questions and issues surrounding ethical hacking and bug bounties. So at this event, we are giving you the chance to bring up your questions and concerns. After an introduction by intigriti and the CCB, we will open the floor for debate with your peers, about the opportunities or challenges you and they see with CVDPs.









This event will be held as an interactive virtual meeting. The link will be provided in the Confirmation email.






13:30 Welcome and introduction


Ann Guinée, Communication Manager, Beltug (English)


13:40 Coordinated Vulnerability Disclosure Policies, aka ‘Bug Bounties’


After a brief introduction on the ‘how’ and ‘what’ of a CVDP, we'll have a quick glance at the 'Guide to a Coordinated Vulnerability Disclosure Policy'.


Stijn Jans, CEO, intigriti (English); Inti De Ceukelaire, Head of Hackers, intigriti (English); Valéry Vander Geeten, Legal officer and DPO, Centre for Cybersecurity Belgium (French)


14:10  Q&A: Your questions, your experience (Dutch and French)


The floor is open for your questions and for discussions with your peers. What challenges and opportunities are you concerned about regarding CVDPs? Based on this discussion, we will define potential next steps for Beltug.


If you already have a question or comment to include, feel free to send it to us in advance, to be sure it is included!


15:00 Wrap up and end



We will keep the session open after the end to enable those who wish to continue the discussions.