https://techcrunch.com/2021/04/07/the-dos-and-donts-of-bug-bounty-programs-with-katie-moussouris/

In the rush to launch, cybersecurity doesn’t always get the attention it deserves, and yet it’s one of the first things that startups learn can — and will — go wrong.

Hacker and security researchers can be some of your biggest assets in helping your startup stay secure. Vulnerability disclosure and bug bounty programs are part of working with the hacker community to build a stronger, more resilient company. But these are not a replacement for security investments, which as a growing company you should not overlook.