BugBounties changed InfoSec world for better

Just four years ago, before the Bug Bounty madness started off for real, many companies had a pathetic security posture. Okay, let’s be real here: most organizations, because “many” doesn’t emphasize it enough. In just 4 years, the rise in security awareness and the general improvement in organizations’ security posture have been really prominent. I’ll show you …

Root cause analysis haters, obedience lovers and myopic players

Oh, throwing money and people at a problem doesn't solve it for good? We've all been there and seen that. If you haven't yet, then sooner or later you'll find yourself (or someone else) in that position. By the way, I get that sometimes you just need more people to put in more working hours …

Pentests vs BugBounty for startups and SMBs

I’ve been thinking quite a lot about coming up with a series of articles on how to secure small and medium organizations from the ground up. It was waiting for the right moment, and it’s time to start it, especially since this question appeared very recently on Peerlyst, where I’ve put my $0.02 on …

Don’t stress about being the next Zuck

... maybe just work for him? Being a number two, three, or four in someone else's organization is really fine. I want to share with you something that may appear trivial but I wish someone had told me this years back. That would have saved me all that stress and anxiety trying to achieve something …