[Guest Post] The next era of Bug Bounty at Pinterest

This article originally appeared on Pinterest’s engineering blog, written by Devin Lundberg, Pinterest Tech Lead, Product Security. When a security researcher discovers a bug in a piece of software, the responsible thing to do is inform the company so they can fix it. And so platforms like Pinterest need to provide clear and actionable programs,

By Program Launches
Spotlight: Web Vulnerabilities

I’m often asked about the biggest bugs we see come in through the platform. It’s a natural question to ask, as big vulnerabilities elicit ideas of big headline grabbing breaches that affect millions of consumers. In reality, the vulnerabilities that lead to these big breaches are often much more naissant. And the real answer to

By Cybersecurity NewsVulnerabilities
Bugcrowd Releases Vulnerability Rating Taxonomy 1.6

Our most recent VRT Council led us through an interesting discussion, ultimately leading us to expedite the release of VRT 1.6. The release includes two major changes: revision to internal SSRF, and how we rate email spoofing, more specifically the baselines around SPF and DMARC. These changes are a direct result of how major email

By Product Updates
Bug Bytes: Week of Nov 5

This was a big week with the US election drawing concerns about election security. Despite widespread worry about election interference from state-sponsored hackers, one trend we saw in the week’s election security news was a focus on internal threats. On Tuesday, Politico reported watchdog groups and online researchers were on high alert for any signs

Movember’s Next Gen Pen Test

Since 2003, Movember has raised awareness and funds for men’s health. With more than 5 million Mo Bros and Mo Sistas around the world participating in this cause, the security of the foundation’s platform is incredibly important. Like many organizations, the Movember Foundation ran regular pen tests. However, after receiving the same results year after

By Success Stories
Learn about 4 Reasons to Swap Your Traditional Pen Test with a Next Gen Pen Test on November 27 at 10AM PSTRegister Here