Gearing ratios are used as Business Drivers to forecast long-term financial goals by function.
The gearing ratio for bug bounty expenditure is as follows:
An illustration: GitLab is worth 2.5 billion and a significant compromise can cost GitLab $250 million. 1% ratio = $2.5 million budget. Likewise, 1% of budget = $25,000 top reward.
Approximate monthly budget should be set at total budget divided by 12. It should be understood that our bug bounty payouts are largely unpredictable and fluctuate based on the following:
This gearing ratio is owned by the Security Engineering and Research Sub-department.
SIRT is the sole carrier of the Security On-Call (SEOC) rotation, which ensures that there's a page-able Security Engineer 24/7/365. The baseline and gearing ratio for the size of the SIRT have been agreed on as outlined below:
This gearing ratio is owned by the Security Operations Sub-department.