Introducing the Overstock.com Vulnerability Disclosure Program
For nearly two decades, online retail pioneer Overstock.com has used technology to help its customers find the home goods and furniture they want, at the best possible prices. As part of its efforts to maintain its customers’ trust through accountable and transparent IT Security practices, Overstock regularly engages with the security community and participates in
How strong should your Master Password be? For World Password Day we’d like to know
This blog first appeared on 1Passwords’ blog, and is written by customer Jeffrey Goldberg, Chief Defender Against the Dark Arts at 1Password. Just how strong should a 1Password Master Password be? We recommend that Master Passwords be generated using our wordlist generator using passwords that are four words long. This gets you something like “napery turnip speed
Launching the Netflix Public Bug Bounty Program
This customer blog post originally appeared on Netflix’s Tech Blog, written by Sunil Agrawal, Scott Behrens, Dave King, Astha Singhal, Patrick Thomas, Andy Hoernecke, Madan Sriraman. Netflix’s goal is to deliver joy to our 117+ million members around the world, and it’s the security team’s job to keep our members, partners and employees secure. We have
Bugcrowd and Fitbit partner to launch public security bug bounty program
This customer blog originally appeared on Fitbit’s engineering blog, written by Katie Foster, security engineer at Fitbit. Fitbit has always been committed to protecting consumer privacy and keeping data safe. Our internal security team is constantly testing our products for vulnerabilities as we strive to continuously strengthen our security. And, as our devices become more
Secret Program to Offer Rewards up to $250K
At Bugcrowd, we’ve long said that managed bug bounty programs allow organizations of any size or stage of security maturity to realize the benefits of a bug bounty program. This is why we’ve provided managed programs from day one and why I’m especially excited by today’s news. Today we are recruiting for a Secret customer
Dash Launches Bug Bounty Program with Bugcrowd
This week, the Dash Bug Bounty program launched privately on the Bugcrowd platform, which means selected Bugcrowd researchers have been invited to study the Dash Core software for the purpose of identifying bugs and vulnerabilities. For the first couple of weeks the program will run privately, and then it will be opened to the public so that any white-hat hacker
Bromium Launches Private Bug Bounty Program
For too long, security has been an inhibitor for end users. In fact, in our recent survey, we found that 94% of security professionals are more concerned about getting work done than about security. Security should not limit the business, it should enable it.
Why We’re Letting 60,000 Bugcrowd Security Researchers Ethically Hack Us
At Atlassian, security is baked into the product development lifecycle. We employ an entire team of security engineers who build threat models, review code, and test our systems. Building and maintaining products that keep our customers safe is a team effort.
Centrify’s Bug Bounty Program with Bugcrowd
It’s an exciting time to be in information security. Black hats are attacking more web sites, constructing more 0-day threats and phishing more credentials and payment data. The proliferation of smart IoT devices and new technologies create opportunities for malicious activities. Nation State actors and the vulnerabilities they exploit are gaining visibility.
