OWASP TOP 10: Using Components with Known Vulnerabilities
Using components with known vulnerabilities is one of the vulnerability categories on OWASP‘s list of the ten most common vulnerabilities. A proof of concept video follows this…
Category: Mix
Hacktivity Disclosure for Private Programs
Disclosure is in the DNA of HackerOne. We call it Hacktivity and have supported public disclosure workflows of vulnerability reports since the beginning. Default to…
[Release] New modules – Detectify Blog
Security never stands still, which is why we update our service on a regular basis to help you keep up with the latest vulnerabilities. We…
Grammarly’s Bug Bounty Program Goes Public: Q&A with VP of Engineering Joe Xavier
It’s been over a year since Grammarly launched its first bug bounty program on HackerOne. It’s been a private, invite-only program ever since. That is,…
OWASP TOP 10 2013: Unvalidated Redirects and Forwards
Unvalidated redirects and forwards, also referred to as Open Redirect, is featured on OWASP‘s list of the ten most common vulnerabilities. OWASP is a non-profit organization…
GitLab’s Public Bug Bounty Program Kicks Off: Q&A with GitLab’s Kathy Wang & James Ritchey
GitLab is a single application for the entire DevOps lifecycle, making software development easier and more efficient, without sacrificing security or quality. The organization lives…
E-commerce Security – Detectify Blog
Running an e-commerce site does not only require plenty of business savvy, but also a great deal of security awareness. Retailers handle customers’ personal data…
Oath’s Big Year of Bug Bounties Capped off with NYC Live Hacking Event
The past week capped off a record year of bug bounties for Oath, the media giant which boasts a slew of dynamic brands including Yahoo,…
[Release] New dashboard and billing
This week’s release brings a completely overhauled dashboard and billing, giving you a clear overview of your scan profiles’ security status and your team’s billing details.…
Bug Bytes #200 – AI Red Teaming, Firmware and Reverse Engineering, Prompt Injection Defence
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps…
More Hackers Means Less To Worry About
With enough hackers, all security vulnerabilities are shallow. There is no better way to know the level of security of your systems than inviting a…
Meet Detectify! – Detectify Blog
Our schedule for the autumn and winter is quickly filling up and we’re looking forward to all the awesome events we’ll be attending! In this blog…