No, excluding SE is to make sure the bounty program is incentivizing things that inform the product security team. Social engineering is a corpsec function; they're not even the same teams.
No, excluding SE is to make sure the bounty program is incentivizing things that inform the product security team. Social engineering is a corpsec function; they're not even the same teams.