AIにより推定されたラベル
※ こちらのラベルはAIによって自動的に追加されました。そのため、正確でないことがあります。
詳細は文献データベースについてをご覧ください。
Abstract
Cybersecurity threats and vulnerabilities continue to grow in number and complexity, presenting an increasing challenge for organizations worldwide. Organizations use threat modelling and bug bounty programs to address these threats, which often operate independently. In this paper, we propose a Metric-Based Feedback Methodology (MBFM) that integrates bug bounty programs with threat modelling to improve the overall security posture of an organization. By analyzing and categorizing vulnerability data, the methodology enables identifying root causes and refining threat models to prioritize security efforts more effectively. The paper outlines the proposed methodology and its assumptions and provides a foundation for future research to develop the methodology into a versatile framework. Further research should focus on automating the process, integrating additional security testing approaches, and leveraging machine learning algorithms for vulnerability prediction and team-specific recommendations.