HackerOne Celebrates $100 Million in Bounties Paid

HackerOne, a bug bounty platform used by numerous companies and people around the world, just celebrated a new milestone, reaching $100 million in bounties paid. The term “hacker” might be associated in popular culture with malicious intent…

HackerOne achieves FedRAMP Tailored LI-SaaS authorization from U.S. federal government

HackerOne, the leading hacker-powered security platform, announced that it became the first and only hacker-powered security platform to achieve Federal Risk and Authorization Management Program (FedRAMP) Tailored Low Impact-Software as a Service (LI-S…

What Shopify has learned from five years of bug bounty programs

As a part-time hacker and full-time security engineer at Shopify, I’ve learned a lot along the way. One of the biggest takeaways I recognized early on was that I kept returning to programs run by security teams that respected me and my time, were responsive to my reports and inquiries, and were transparent in their communications and disclosures. When I first joined Shopify, we were challenged to scale our team alongside our relatively new bug bounty program. I was excited to bring my insights and improve upon a program that hackers would engage with. Our goal has always been to build upon the success of our hacker-powered security programs with a concerted effort to promote transparency and attract talent. With the extra sets of eyes, we are able to implement more checks and balances to harden our attack surfaces. We attribute much of our success to our work as an […]

The post What Shopify has learned from five years of bug bounty programs appeared first on CyberScoop.

Full-time bug hunting: Pros and cons of an emerging career

Being a bug hunter who discloses their discoveries to vendors (as opposed to selling the information to the highest bidder) has been and is an ambition of many ethical hackers. Before vendors started paying for the info, the best they could hope for wa…

HackerOne cuts ties with mobile voting firm Voatz after it clashed with researchers

HackerOne, a company that pairs ethical hackers with organizations to fix software flaws, has kicked mobile voting vendor Voatz off its platform, citing the vendor’s hostile interactions with security researchers. It is the first time in its eight-year existence that HackerOne, which works with companies from AT&T to Uber, has expelled an organization from its security program. The decision comes after Voatz assailed the motives of MIT researchers who found flaws in the company’s voting app. “After evaluating Voatz’s pattern of interactions with the research community, we decided to terminate the program on the HackerOne platform,” a HackerOne spokesperson told CyberScoop. “We partner with organizations that prioritize acting in good faith towards the security researcher community and providing adequate access to researchers for testing.” It is the latest security-related setback for Voatz, which is trying to make inroads in a market dominated by traditional voting machine manufacturers. In the last […]

The post HackerOne cuts ties with mobile voting firm Voatz after it clashed with researchers appeared first on CyberScoop.

Hacking has become a viable career, according to HackerOne

HackerOne announced findings from the 2020 Hacker Report, which reveals that the concept of hacking as a viable career has become a reality, with 18% describing themselves as full-time hackers, searching for vulnerabilities and making the internet safe…