Looking for awesome video content? Check out the YesWeHack channel on YouTube! ✅ From recap videos of our live hacking events to customer stories and hunter interviews, we've got plenty to keep you entertained this summer. 🌞😎 See for yourself 👉 https://lnkd.in/e8v8cm_S #YouTube #BugBounty #YesWeHack
YesWeHack
Computer- und Netzwerksicherheit
Global Bug Bounty & Vulnerability Management Platform
Info
YesWeHack ist eine führende Plattform für Bug Bounty Programme und Schwachstellen-Management. 2015 von ethischen Hackern gegründet, verbindet YesWeHack weltweit Organisationen mit zehntausenden ethischen Hackern, die Schwachstellen in Websites, mobilen Applikationen, vernetzten Geräten und digitaler Infrastruktur aufdecken. Bug Bounty-Programme profitieren von interner Triage, personalisiertem Support, einem anpassbaren Modell und einer leistungsbasierten Preisgestaltung. Zu den Kunden gehören ZTE, Tencent, die Schweizerische Post, Orange France und das französische Verteidigungsministerium. Die YesWeHack-Plattform bietet eine Reihe von integrierten, API-basierten Lösungen: Bug Bounty (Offenlegung von Schwachstellen durch Crowdsourcing); Vulnerability Disclosure Policies (Erstellung und Verwaltung eines sicheren Kanals für externe Schwachstellenberichte); Pentest Management (Verwaltung von Pentest-Berichten aus allen Quellen); Attack Surface Management (kontinuierliche Erfassung der Online-Exponierung und Erkennung von Angriffsvektoren); 'Dojo' und YesWeHackEDU (Training für ethische Hacker). YesWeHack erfüllt die strengen Anforderungen an Sicherheit, finanzielle Rückverfolgbarkeit und Datenschutz. Die Dienstleistungen von YesWeHack sind ISO 27001- und ISO 27017-zertifiziert und von CREST akkreditiert. Die Infrastruktur von YesWeHack nutzt EU-basiertes, GDPR-konformes privates Hosting, das die strengsten Standards erfüllt: ISO 27001, ISO 27017, ISO 27018, ISO 27701 und SOC II Typ 2. Die YesWeHack-Plattform unterliegt außerdem permanent einem öffentlichen Bug Bounty-Programm. Erfahren Sie mehr unter www.yeswehack.com
- Website
-
https://www.yeswehack.com
Externer Link zu YesWeHack
- Branche
- Computer- und Netzwerksicherheit
- Größe
- 51–200 Beschäftigte
- Hauptsitz
- Paris
- Art
- Privatunternehmen
- Gegründet
- 2015
- Spezialgebiete
- Bug Bounty, cybersecurity, Coordinated Vulnerability Disclosure, Ethical Hacking, Bug Hunting, Crowdsourced security, Application Security, Agility und DevSecOps
Orte
-
Primär
Paris, FR
-
Singapore, Singapore 068914, SG
-
Lausanne, Lausanne 1005, CH
Beschäftigte von YesWeHack
-
Alexandra Pailhes, CFA
Head of Investments - Open CNP
-
Mo Elaisati
🏴☠️ Talent Acquisition Director @ YesWeHack ⏩ EU #1 Bug Bounty & VDP Platform 🚀 (Paris/Rennes/Rouen/Singapore)
-
Lionel Pascaud
Sales Manager chez YesWeHack
-
Kevin Gallerin
CEO APAC at YesWeHack ⠵ 🚀 Global Bug Bounty & Vulnerability Disclosure | Connecting your organisation to a global community of cybersecurity experts
Updates
-
💡 More secure development and improved internal OffSec practices are not the most obvious benefits of #BugBounty, but should not be overlooked. Addressing peers at an event we held in Stockholm, George Medhurst from risk-management giant DNV said a YesWeHack #BugBounty Program not only uncovered many serious vulnerabilities, but helped the security team automate their own vulnerability hunt and developers avoid creating new vulnerabilities. Learn about the other perks of running a Bug Bounty Program in DNV’s customer success story 👉 https://lnkd.in/eqPQb-Hs
-
-
One every 17 minutes – that’s how often a new entry is published on the Common Vulnerabilities and Exposures (CVE) database, according to a new report. 😲 This Skybox research also reveals that 25% of new CVEs are exploited on the same day they were published. 👇 With cyber budgets tight, compliance risk increasing and the average time-to-patch now 100+ days, security teams are increasingly leveraging #BugBounty to detect and remediate vulnerabilities continuously and cost-effectively (our pricing is results-based!). ➡ https://lnkd.in/g5hPmw6W Our #AttackSurfaceManagement solution, meanwhile, takes vulnerability management to the next level – providing continuous visibility of an organisation's digital footprint, automated prioritisation of vulnerabilities, and the tools to tackle critical bugs at scale. ➡ https://lnkd.in/giKWzvyE
-
Catch us in Kuala Lumpur over the next three days 💪 Visit YesWeHack booth 6503 at Cyber DSA to meet Eileen Neo, Ming Kwang (MK) Teoh and Isabella Chee. Learn about how our #BugBounty and #VulnerabilityManagement solutions can enhance your organisation's #cybersecurity. Swing by, say hi and grab yourself some exclusive swag! 🎁 #EthicalHacking
-
-
🥁 The Dojo challenge #34 - AI Image Generator is over! Congrats to: greenhat, __init__, rafffff The swag is on its way! 🎁 #YesWeRHackers #CTF #BugBounty
Dojo challenge #34 winners!
yeswehack.com
-
Cross-site request forgery (CSRF) remains a viable vector in modern web applications despite browsers having been considerably hardened against CSRF. 🧐 That’s according to recent Doyensec research that leveraged client-side path-traversal “to resuscitate CSRF” and surface vulnerabilities in major web messaging applications. 🔥 This is obviously interesting news for ethical hackers, as is a new Burp extension from Doyensec “that provides advanced capabilities and automation for finding and exploiting Client-Side Path Traversal”. 👉 https://lnkd.in/eEkEHSRk Doyensec's Maxence Schmitt presented this novel web security research at OWASP Global Appsec Lisbon 2024. 🌐 Check out Schmitt’s fantastic writeup 👇
Exploiting Client-Side Path Traversal to Perform Cross-Site Request Forgery - Introducing CSPT2CSRF
blog.doyensec.com
-
👋 Bug hunters and aspiring hackers: Bug Bounty Bulletin, edition #4, is alive!🐞 Featuring: ⚡️ L'Oréal live hacking highlights from leHACK ⚡️ ORM leaks, CSRF via client-side path traversal, and more groundbreaking writeups spotlighted ⚡️ DEF CON 32 to debut Bug Bounty Village, DEF CON next week ⚡️ White-box penetration testing with Xdebug
Bug Bounty Bulletin #4
YesWeHack auf LinkedIn
-
When using Burp, do you find it time-consuming to scan a wide range of requests that you’ve just collected? ⏳ Don't worry, the Burp extension BCheck Helper provides a list of various pre-written BChecks to speed things up! 👇 https://lnkd.in/egQdrYRm #YesWeRHackers #BugBountyTips
-
-
Next week, meet us at Cyber DSA 👋 Heard about #BugBounty but not sure whether it's effective for your organisation? Visit our booth 6503 from 6-8 Aug, where Eileen Neo, Ming Kwang (MK) Teoh and Isabella Chee will share more about YesWeHack's Bug Bounty and Vulnerability Management platform! #Cybersecurity #EthicalHacking
YesWeHack goes to Malaysia for CyberDSA
yeswehack.com
-
👏 Congrats to Hanissa S, our second and final #WorldEmojiDay competition winner – for having the first report accepted on a public #BugBounty program containing emojis! A swag pack is on your way pwnii… 🎁
[GIVEAWAY CLOSED] Ready for an emoji hunt? On this #WorldEmojiDay, explore the policies of our public #BugBounty programs and find these emojis for the chance to win a swag pack: 👻🏹⚗️ Figure out which program each emoji belongs to (one program per emoji) and list all 3 programs in the comments below this post. We'll draw lots from all the correct answers and announce the winner tomorrow at 10am. Good luck 👇 PS: Because we’re feeling extra generous today, another swag pack will be awarded to the first accepted report on any of our public programs containing an emoji (there are 7 overall)! ✅
YesWeHack - Global Bug Bounty & Vulnerability Management Platform
yeswehack.com