Organizations should consider red, blue and purple teaming, penetration testing services, and bug bounty programs to expose attackers and strengthen their security posture.
To celebrate the anniversary of its Vulnerability Reward Program and ensure the next 10 years are just as successful and collaborative, Google announced the launch of its new platform, bughunters.google.com. The new site brings all VRPs (Google, Android, Abuse, Chrome and Play) closer together and provides a single intake form that makes it easier for bug hunters to submit issues.
Facebook has fixed a critical flaw in the Facebook Messenger for Android messaging app. Natalie Silvanovich of Google’s Project Zero reported the bug to the Facebook bug bounty program. The bug could have allowed a sophisticated attacker logged in on Messenger for Android to simultaneously initiate a call and send an unintended message type to someone logged in on Messenger for Android and another Messenger client (i.e. web browser).
By embracing the diverse community of hackers and tapping into their passion, you can significantly reduce your company’s risk profile. Keep reading for some tips, insights and best practices for engaging with the hacker community.
