
Topic: Bugcrowd News

Beginning my Bugcrowd Journey

Bugcrowd Appoints David Baker As Vice President Of Operations

Today, as I embark on a new journey with Bugcrowd, I reflect on the most common question I have heard: “why leave Okta?” It’s a good question. I am honored to have served as the Chief Security Officer at Okta, building a world-class security program for a truly innovative company. Moreover, the ride at Okta was meteoric and I know they will continue on their path to world domination. But now, it’s time for disruption. To be more specific, the opportunity to completely change the information security industry. That is where Bugcrowd is going – and that train is leaving the station with me on it.


XSS Bugs that Prove the Danger in ‘XSS-Fatigue’

XSS-Fatigue: Realities and Pitfalls

Cross-Site Scripting was ‘discovered’ in 1999 and has since appeared in just about every ‘top-ten most common vulnerabilities’ list. The frequency and longevity of XSS in headlines, POCs and vulnerability databases over the past 10+ years have thrown us into ‘XSS-fatigue.’ In our own annual report this year, we reported that of all vulnerabilities submitted through Bugcrowd programs, over 25% were classified as XSS. In this post, we’ll explore the idea of XSS-fatigue, why XSS bugs are still so prevalent, and some examples in which XSS bugs had incredibly high impact, proving that XSS-fatigue is founded not in quality, but in perception.
