Distinctions between Responsible Disclosure and Bug Bounty Programs, focusing on incentives, formalization, and legal exposure.