It’s a terrible way to take your company rank on these security forums.
When a company does that (pretend like they discovered the issue to avoid paying a bounty), they often end up on a shit list where bored hackers pentest them for funsies and then release the vulnerability in the wild.
Source: Im on the team at my job that pays hackers and their streams frequently broadcast shitty companies that refuse to pay.
It’s a terrible way to take your company rank on these security forums.
When a company does that (pretend like they discovered the issue to avoid paying a bounty), they often end up on a shit list where bored hackers pentest them for funsies and then release the vulnerability in the wild.
Source: Im on the team at my job that pays hackers and their streams frequently broadcast shitty companies that refuse to pay.