BugBounties changed InfoSec world for better

Graphic from tripwire.com

Just four years ago, before that Bug Bounty madness started off for real, many companies had pathetic security posture. Okay, let’s be real here, most organizations, because many isn’t emphasizing enough. In just 4 years the raise of security awareness and general improvements of organisations security posture are really prominent.

I’ll show you proofs one day, I’m just lazy and can’t push myself to migrate bug reports in high profile companies from mail archive to the blogposts. But I promise to do it, so everyone can get a sense of how webapps world looked like just 3–4 years ago and how vulnerable everything was to anyone willing to spend a fifteen minutes looking for bugs. Continue reading “BugBounties changed InfoSec world for better”