Synack’s API pentesting capability empowers users to verify exploitable API vulnerabilities

Synack launched an API pentesting capability powered by its global community of elite security researchers. Organizations can now rely on the Synack platform for continuous pentesting coverage across “headless” API endpoints that lack a use…

What are the most hack-resistant industries?

Government and financial service sectors globally are the most hack-resistant industries in 2020, according to Synack. Government and financial services scored 15 percent and 11 percent higher, respectively, than all other industries in 2020. Governmen…

DARPA invites hackers to break hardware to make it more secure

For more than two years, the Pentagon’s research arm has been working with engineers to beef up the security of computer chips before they get deployed in weapons systems or other critical technologies. Now, the research arm — the Defense Advanced Research Projects Agency (DARPA) — is turning the hardware over to elite white-hat hackers who can earn up to $25,000 for bugs they find. The goal is to throw an array of attacks at the hardware so its foundations are more secure before production. “We need the researchers to really roll their sleeves up and dig into what we’re doing and try to break it,” said Keith Rebello, a DARPA program manager. Hardware hacks often involve identifying vulnerabilities in how a computer chip handles information, like the flaw uncovered in Intel microprocessors in March that could have allowed attackers to run malicious code early in the boot process. While software bug bounties are ubiquitous in […]

The post DARPA invites hackers to break hardware to make it more secure appeared first on CyberScoop.

Synack raises $52M to transform security testing through its crowdsourced platform

Synack announced that it raised $52 million in Series D funding to transform security testing through its crowdsourced platform powered by the world’s most skilled ethical hackers who work with proprietary Synack technology to accelerate the hunt for c…

The rise of continuous crowdsourced security testing for compliance

A large percentage of organizations and institutions are moving toward a rigorous, continuous testing model to ensure compliance, a Synack report reveals. As part of this shift toward continuous testing, organizations are utilizing crowdsourced securit…

California’s new labor law is going to impact bug bounty companies. By how much is unknown.

While much of the attention around California’s recently passed Assembly Bill 5 (AB5) has focused on the future for Uber and Lyft drivers, bug bounty contractors working in California could also argue they’re covered under the law when it goes into effect next year. California Gov. Gavin Newsom on Sept. 18 signed AB5, which changes how employers can classify independent contractors and employees. Bug bounty firms rely on freelance hackers to use their platforms and identify or help mitigate software vulnerabilities. Many government agencies and Fortune 500 companies use the platforms — and the cheap labor that comes with it — as a way to close a portion of their cybersecurity gaps. The extent to which the law, which goes into effect Jan. 1, is applicable to bug bounty freelancers will hinge on an individual’s specific professional situation, employment attorneys told CyberScoop.  Yet, the grey area in which these freelance […]

The post California’s new labor law is going to impact bug bounty companies. By how much is unknown. appeared first on CyberScoop.

Synack launches a new crowdsourced penetration test designed specifically for government

Synack, the most trusted leader in crowdsourced penetration testing, announces the availability of the market’s first comprehensive crowdsourced penetration test designed specifically for government, by offering a bug bounty-based vulnerability discove…

Synack integrates crowdsourced human intelligence and AI for “smart” security testing

The debate on how we should best use Artificial Intelligence is ongoing, but no one can argue against its benefits when used to augment human work. Take self-driving cars: when Artificial Intelligence is used alongside humans, it provides features like…

How to demonstrate trust in cybersecurity practices with organization leaders

Chief information security officers working at high-profile enterprises know their jobs are as much about guarding their organization’s brand reputation and trust as they are about IT security. But to ensure that trust, CISOs need to know whether their security investments are actually working, and that calls for having metrics that matter to senior management, according to a new report. “It’s all about measurement,” says Home Depot CISO Stephen Ward, in remarks quoted in “The 2019 Trust Report,” released by Synack. “CISOs need a way to present security to their executive team and board in a way that clearly demonstrates and measures business risk to the organization. The executive team doesn’t want to talk about security — they want to talk about risk.” The report provides CISOs with a framework for using data from their security programs to gain a clearer sense of their organization’s ability to withstand damaging cyberattacks […]

The post How to demonstrate trust in cybersecurity practices with organization leaders appeared first on CyberScoop.
