Bug Bounties and DevOps Security

View
304
Download
0
Category

Technology

Preview:

DESCRIPTION

A short slideshare on how bug bounty programs can bring continuous security testing to a DevOps environment.

Citation preview

Bug Bounties &

DevOps Security

www.crowdcurity.com

CrowdCurity

”If you are always pushing new code aren’t you

potentially introducing new vulnerabilities?”

CrowdCurity

YES

CrowdCurity

But security and DevOps can work together!

Nick Galbreath (former Etsy) Integra9ng Informa9on Security Into DevOps James D. Brown Mythbus9ng: DevOps and Security

CrowdCurity

Bug Bounty?

Bug Bounty Program

$ -‐ Rewards

Bug Reports

Security testers Online Business

Open invite to security testers from around the world

Benefits of a Bug Bounty Program

Mirrors the threat Cost-effective Scaleable

CrowdCurity

…and it can provide continuous security testing for DevOps

CrowdCurity

The big brands already do it

www.crowdcurity.com

Recommended

HoliSec - Autosec · HoliSec Holistic Approach to Improve Data Security Bug Bounties – the Past and the Road Ahead Dr. Ana Magazinius, RISE Viktoria Dr. Jonas Magazinius, Assured

Documents

Automated Program Repairweb.eecs.umich.edu/~weimerw/481/lectures/se-24-repair.pdf8 Bug Bounties If you trust your triage and code review processes, anyone can submit a candidate bug

Documents

Cyber Security 2017 - Swisscom...Cyber Security 2017: Data Breaches & Bug Bounties Auteur: Swisscom Security Ce rapport a été réalisé dans le cadre d’un partenariat étroit de

Documents

God promiseth you forgiveness and bounties and God …jamiat.org.za/wp-content/uploads/2013/10/Some-Pearls-of-Wisdom.pdf · God promiseth you forgiveness and bounties and God careth

Documents

bug bounty from a program’s perspective · uber bug bounty program security.uber.com - public program started on March 22, 2016 $974,000+ (€918,478+) in bounties; 500+ reports

Documents

Design Bounties

Documents

Bug Bounties With Bash - tomnomnom.com · uniq - remove duplicate lines from stdin xargs - run a command using each line from stdin as an argument tee - copy stdin to a file and to

Documents

Associating Partners in Allah's Bounties

Documents

Bug Eat Bug World

Documents

Squashing bugs: Introduction to Bug Bounties ISSA Dehradun Chapter

Technology

Lecture 1 - Course Overview, Design as Choicetlatoza/teaching/swe621f18/lecture1.pdfWork more distributed, through crowdsourcing, hackathaons, bug bounties ... Liveness of results

Documents

Insect-damaged wheat: suni bug, cereal bug, sunn pest, wheat bug, shield bug, shell bug

Documents

The Good Earth: And all the bounties of teaching it

Documents

EXTERMINATION OE NOXIOUS ANIMALS BY BOUNTIES

Documents

Bug Bounties With Bash - TomNomNom.com · 2019-01-25 · Enumerate subdomains Check for dangling CNAMEs Request all the pages Look for things in the results Maybe then I’ll take

Documents

Bugs Entomology CDE. Order- Hemiptera Assassin bug Bed Bug Boxelder bug Brown stink bug Chinch bug Damsel bug Giant water bug Green stink bug Harlequin

Documents

Stink Bug. Minute Pirate Bug Big Eyed Bug Damsel Bug

Documents

New special bounties programs in amazon

Business

Design Bounties: Adventures in Recruiting New Free Software Ninjas

Leadership & Management

The Economics of Security Research, Bug Bounties, … › hitbsecconf2010ams › materials...The economics of security bug ﬁnding and ﬁxing are broken Chasm between awareness and

Documents