This customer blog post originally appeared on Netflix’s Tech Blog, written by Sunil Agrawal, Scott Behrens, Dave King, Astha Singhal, Patrick Thomas, Andy Hoernecke, Madan Sriraman. Netflix’s goal is to deliver joy to our 117+ million members around the world, and it’s the security team’s job to keep our members, partners and employees secure. We have
This customer blog originally appeared on Fitbit’s engineering blog, written by Katie Foster, security engineer at Fitbit. Fitbit has always been committed to protecting consumer privacy and keeping data safe. Our internal security team is constantly testing our products for vulnerabilities as we strive to continuously strengthen our security. And, as our devices become more
The new version of Qualys Web Application Scanning, WAS 5.7, adds an integration with Bugcrowd for centralized viewing and triaging of both WAS automated vulnerability detections and vulnerabilities submitted by Bugcrowd’s approved security researchers.
The SecureDrop engineering team welcomes the contributions of security researchers. SecureDrop is relied on by sources to talk with journalists at dozens of news organizations, many of whom are taking significant risks to bring information to the public eye. We want to do everything we can to make the whistleblowing process as safe for them
Our driving purpose at Ibotta is to reward our users with cash rebates that make a difference in their lives. They have entrusted their earnings with us, and it’s our responsibility to do our best to safeguard their accounts.
At Atlassian, security is baked into the product development lifecycle. We employ an entire team of security engineers who build threat models, review code, and test our systems. Building and maintaining products that keep our customers safe is a team effort.
This post original ran on the (ISC)² blog on June 1, 2017: Since 2013, (ISC)² has been a partner of Bugcrowd, running a public bug bounty program and offering CPE credits to our members. Bugcrowd is a leading provider of crowdsourced security and bug bounty programs, connecting organizations with more than 50,000 independent security researchers to identify
It’s an exciting time to be in information security. Black hats are attacking more web sites, constructing more 0-day threats and phishing more credentials and payment data. The proliferation of smart IoT devices and new technologies create opportunities for malicious activities. Nation State actors and the vulnerabilities they exploit are gaining visibility.
This post originally appeared on the Sophos Blog here. Adversarial relationships between vendors and security researchers used to be common. Researchers would report a bug and the vendor – not all but certainly more than a few – would drag its feet in patching the problem. Then, the researcher would make the findings public and the