Threatpost's Lindsey O'Donnell talks with Christie Terrill, partner at Bishop Fox, about what kind of companies are looking at bug bounty programs versus conducting penetration testing, what these methods mean for vulnerability disclosures, and the legal nuances and complexities behind bug bounty programs.