Participative Security. The impacts of bug bounty on digital vulnerability management at Swiss Post and beyond.

Principal Investigators: David Bozzini and Luca Perrig

 

Image created by AI Adobe Firefly

This project aims at documenting and analyzing how the implementation of a bug bounty program has impacted vulnerability management at Swiss Post. Participative security has certainly improved vulnerability management, but it also redefined various processes and structures at play in the company. The objective of this project is to identify the new rationalities and social dynamics that are at play in collective engagement related to vulnerability management. 

 

Funding: UniFr and Swisspost 

Duration: 2024-2024 (8 months)