BugBounties changed InfoSec world for better

Graphic from tripwire.comJust four years ago, before that Bug Bounty madness started off for real, many companies had pathetic security posture. Okay, let’s be real here, most organizations, because many isn’t emphasizing enough. In just 4 years the raise of security awareness and general improvements of organisations security posture are really prominent. I’ll show you … Continue reading BugBounties changed InfoSec world for better →

Pentests vs BugBounty for startups and SMBs

I’ve been thinking quite a lot about coming up with a series of articles on how to secure small and medium organizations from the ground up. It was waiting for the right moment and it’s time to start it out, especially that very recently this question appeared on Peerlyst where I’ve put my $0.02 on … Continue reading Pentests vs BugBounty for startups and SMBs →

Software complexity as an enemy of security

Graphic from pautasso.infoThese days it’s unlikely for a company to not use 3rd party online products. Each day we are heavily relying on messaging apps, online data storage, team collaboration tools like issue tracking systems and many other apps. This is fine, we need all these to boost our productivity, but in my experience it … Continue reading Software complexity as an enemy of security →