skip to Main Content

Topic: Cybersecurity News

Product Security Challenges and Opportunities: Insights from Adobe’s VP and CSO, Brad Arkin

Last week we launched our 2017 CISO Investment Blueprint which analyzes survey responses from 100 security decision makers regarding the current state of application security. In addition to the survey results, we’ve chatted with several innovators in the security industry to get their thoughts on appsec today and the future.

Over the next couple of weeks, we’ll be publishing these interviews, filled with insights around the challenges and opportunities present for security decision-makers in 2017. We welcome your feedback and observations as well! Tweet us or shoot us an email to share your thoughts.

Read More

CISO Q&A: Kim Green

This week we launched our 2017 CISO Investment Blueprint which analyzes survey responses from 100 security decision makers regarding the current state of application security. In addition to the survey results, we’ve chatted with several innovators in the security industry to get their thoughts on appsec today and the future.

Over the next couple of months, we’ll be publishing these interviews, filled with insights around the challenges and opportunities present for security decision-makers in 2017. We welcome your feedback and observations as well! Tweet us or shoot us an email to share your thoughts.

Read More

Top 2017 AppSec Tools

At the close of 2016, we surveyed 100 CISOs and decision makers to get a sense of their 2017 security priorities. The full report will be released next week. In the meantime, you can learn more about a few of the top application security focus areas and challenges in our previous post. This post will build on those trends, diving into specific tools and best practices appsec organizations are using.

Read More

Ongoing coverage of wide-scale ransom attack in progress: How to protect Internet-facing data stores

[Update] Active attacks now include: MongoDB, Elasticsearch and Hadoop.

Two weeks ago the Internet was hit with the first in what has become a frightening trend of ransom attacks. This first attack affected fewer than 200 MongoDB installations and for the most part flew under the radar given the meager sum requested by the attacker (0.2 Bitcoins). However, this attack marked a significant shift in ransom attack model and just two weeks later we’re seeing a major escalation of this model and its impact.

Read More

2017 Bug Bounty Resolutions

The new year is a great time to reflect on the past year and set new goals for the year ahead. To help the Bugcrowd community achieve success in 2017, we’ve outlined a few New Year’s resolutions for bug hunters and bug bounty program managers. Have other resolutions? We want to hear what they are! Tweet us.

Read More

Bug Bounty: Part of This Complete Breakfast

In the past several months, bug bounties have gained popularity in the press and have been adopted with increasing velocity by enterprise organizations. Along with this popularity, the bug bounty model has also received some criticism, and various actors within the industry have raised some very good questions. In keeping with our commitment to transparency, honesty, and education, we thought it was as good as time as any to discuss two specific areas that have cropped up in the past several months, quality and impact, through examining some misconceptions about bug bounties.

Read More

Is the Heartbleed Exploit Out Yet?

In short, Yes. A list of POCs are provided below. If we're missing anything let us know via Twitter @bugcrowd, and we'll add it to the list and credit you for helping out. Last update: 30 April 2014 6:07 PDT Unless…

Read More
Back To Top