Skip to content
← home

tag

#vulnerability-disclosure

12 posts
Security

Vulnerability value modifiers

There are a few globally and truly external modifiers to the marketplace-defined value of a vulnerability.…

30 Aug 2019 · 1 min read

My DEF CON/Vegas moves

It has been an amazing week so far, but as we drop from “suite and wingtips” mode to “hoodie and sneakers” mode I’d…

08 Aug 2019 · 1 min read
Security

7 Years and counting…

In 2012, Bugcrowd set out to create a radical cybersecurity advantage and level the playing field between attackers and defenders. As one of the…

16 May 2019 · 1 min read
Security

My moves during the RSAC/BSides SF circus

Quick post re where I’ll be speaking and attending while the infosec/cyberz are in town for RSA Conference and B-Sides: ps…

02 Mar 2019 · 1 min read

Happy 6th Birthday @bugcrowd

6 years ago today I got off a plane armed with a bunch of notes. I’d spent a week meeting with pen-testing…

01 Sep 2018 · 1 min read
vulnerability-disclosure

Thoughts on the vault7 CIA/Wikileaks disclosures

Wikileaks’ release of thousands of confidential CIA documents today is yet another demonstration of our just how vulnerable the cybersecurity domain is. Unless we…

07 Mar 2017 · 2 min read
vulnerability-disclosure

On the U.S. Government and bug bounties

My favorite thing about going to conferences is establishing the underlying trends behind the questions I’m asked. We’re only half-way through…

06 Mar 2016 · 3 min read
Security

3 years, 20,000 Security Researchers & 200 Clients later...

2012 was the year that almost every industry, banking, education, government, big tech and even security, was hacked. Many, if not all of these…

08 Oct 2015 · 3 min read
vulnerability-disclosure

disclose.io — Driving safety, simplicity, and standardization in vulnerability disclosure.

disclose.io is a collaborative and vendor-agnostic project to standardize best practices around safe harbour for good-faith security research. The project expands…

22 Jul 2014 · 1 min read
Security

Bugcrowd — the Premier Crowdsourced Cybersecurity platform.

Bugcrowd is the premiere crowdsourced security platform. More enterprise organizations trust Bugcrowd’s Crowdcontrol platform to manage their bug bounty, vulnerability disclosure, and next-…

31 Aug 2012 · 1 min read
Security

Why the Smb Is Most at Risk from ms12-010

There’s a lot of hubbub going around about the recent vulnerability from Microsoft. It’s called MS12-020 and it affects the Remote…

18 Mar 2012 · 5 min read
Security

Rdpcheck Checks Your Network for the New Rdp Vulnerability

We’ve created a tool at RDPCheck to help you test your exposure to an attack from the outside on Microsoft’s recent MS12-…

05 Mar 2012 · 1 min read