How to maximize ROI of Bug Bounties and penetration tests

I’ve been doing security bug hunting, penetration tests and managing in-house bug bounty programs for various companies, for over half a decade already. During that time I learnt that it doesn’t really happen too often that hiring company knows exactly what to do with security engagements results. I’d like to help and suggest what you … Continue reading How to maximize ROI of Bug Bounties and penetration tests

BugBounties changed InfoSec world for better

Graphic from tripwire.comJust four years ago, before that Bug Bounty madness started off for real, many companies had pathetic security posture. Okay, let’s be real here, most organizations, because many isn’t emphasizing enough. In just 4 years the raise of security awareness and general improvements of organisations security posture are really prominent. I’ll show you … Continue reading BugBounties changed InfoSec world for better