To be it just sounds like they're offering a bespoke bounty programme.
If you can assume that they are reporting the exploits or breaches through the right channel, it might actually be more convenient for bounty hunters to have 1 place to funnel them all into.
If the Comparitech also make some profit off their reporting of the breaches then you can start to get an idea of where they're getting some funding from.
I am fine with this practice.. It incentivises more grey/white hat eyes on potential breaches. And in my book, thats never a bad thing.
Given how public they are about their methods and approach, I will give them the benefit of the doubt for now..
If you can assume that they are reporting the exploits or breaches through the right channel, it might actually be more convenient for bounty hunters to have 1 place to funnel them all into.
If the Comparitech also make some profit off their reporting of the breaches then you can start to get an idea of where they're getting some funding from.
I am fine with this practice.. It incentivises more grey/white hat eyes on potential breaches. And in my book, thats never a bad thing.
Given how public they are about their methods and approach, I will give them the benefit of the doubt for now..