Looking for awesome video content? Check out the YesWeHack channel on YouTube! ✅ From recap videos of our live hacking events to customer stories and hunter interviews, we've got plenty to keep you entertained this summer. 🌞😎 See for yourself 👉 https://lnkd.in/e8v8cm_S #YouTube #BugBounty #YesWeHack
YesWeHack
Sécurité informatique et des réseaux
Global Bug Bounty & Vulnerability Management Platform
À propos
YesWeHack est une plateforme globale de Bug Bounty et de gestion des vulnérabilités. Fondée par des hackers éthiques en 2015, YesWeHack connecte les organisations du monde entier à des dizaines de milliers de hackers éthiques, dont l’objectif est de découvrir les vulnérabilités potentielles au sein de sites web, applications mobiles, appareils connectés et infrastructures numériques. Nos clients bénéficient d'un système de triage réalisé en interne, d'un accompagnement sur mesure, d’un modèle agile et adaptable à chaque contexte, et d'un paiement basé sur les résultats. Parmi eux figurent ZTE, Tencent, La Poste Suisse, Orange France et le ministère français des Armées. La plateforme YesWeHack offre une gamme de solutions intégrées, basées sur des API : le Bug Bounty (recherche de vulnérabilités via une approche crowdsourcée) ; la Politique de Divulgation de Vulnérabilités, VDP (création d'un canal sécurisé pour le signalement de vulnérabilités externes) ; le Pentest Management (gestion des rapports de pentest issus de différentes sources) ; l'Attack Surface Management (cartographie continue de l’exposition numérique et détection des vecteurs d'attaque) ; ainsi que le "Dojo" et YesWeHackEDU (formation au hacking éthique). YesWeHack se conforme à des exigences strictes en matière de sécurité, de traçabilité financière et de respect de la vie privée. Les services de YesWeHack sont certifiés ISO 27001, ISO 27017 et accrédités CREST. L'infrastructure de YesWeHack s'appuie sur un hébergement privé basé en UE, conforme au RGPD et répondant aux normes les plus strictes : ISO 27001, ISO 27017, ISO 27018, ISO 27701 et SOC II Type 2. La plateforme YesWeHack est également soumise en permanence à un programme public de Bug Bounty. Pour en savoir plus, rendez-vous sur www.yeswehack.com
- Site web
-
https://www.yeswehack.com
Lien externe pour YesWeHack
- Secteur
- Sécurité informatique et des réseaux
- Taille de l’entreprise
- 51-200 employés
- Siège social
- Paris
- Type
- Société civile/Société commerciale/Autres types de sociétés
- Fondée en
- 2015
- Domaines
- Bug Bounty, cybersecurity, Coordinated Vulnerability Disclosure, Ethical Hacking, Bug Hunting, Crowdsourced security, Application Security, Agility et DevSecOps
Lieux
-
Principal
Paris, FR
-
068914 Singapore, Singapore, SG
-
1005 Lausanne, Lausanne, CH
Employés chez YesWeHack
-
Alexandra Pailhes, CFA
Head of Investments - Open CNP
-
Mo Elaisati
🏴☠️ Talent Acquisition Director @ YesWeHack ⏩ EU #1 Bug Bounty & VDP Platform 🚀 (Paris/Rennes/Rouen/Singapore)
-
Lionel Pascaud
Sales Manager chez YesWeHack
-
Kevin Gallerin
CEO APAC at YesWeHack ⠵ 🚀 Global Bug Bounty & Vulnerability Disclosure | Connecting your organisation to a global community of cybersecurity experts
Nouvelles
-
💡 More secure development and improved internal OffSec practices are not the most obvious benefits of #BugBounty, but should not be overlooked. Addressing peers at an event we held in Stockholm, George Medhurst from risk-management giant DNV said a YesWeHack #BugBounty Program not only uncovered many serious vulnerabilities, but helped the security team automate their own vulnerability hunt and developers avoid creating new vulnerabilities. Learn about the other perks of running a Bug Bounty Program in DNV’s customer success story 👉 https://lnkd.in/eqPQb-Hs
-
One every 17 minutes – that’s how often a new entry is published on the Common Vulnerabilities and Exposures (CVE) database, according to a new report. 😲 This Skybox research also reveals that 25% of new CVEs are exploited on the same day they were published. 👇 With cyber budgets tight, compliance risk increasing and the average time-to-patch now 100+ days, security teams are increasingly leveraging #BugBounty to detect and remediate vulnerabilities continuously and cost-effectively (our pricing is results-based!). ➡ https://lnkd.in/g5hPmw6W Our #AttackSurfaceManagement solution, meanwhile, takes vulnerability management to the next level – providing continuous visibility of an organisation's digital footprint, automated prioritisation of vulnerabilities, and the tools to tackle critical bugs at scale. ➡ https://lnkd.in/giKWzvyE
-
Catch us in Kuala Lumpur over the next three days 💪 Visit YesWeHack booth 6503 at Cyber DSA to meet Eileen Neo, Ming Kwang (MK) Teoh and Isabella Chee. Learn about how our #BugBounty and #VulnerabilityManagement solutions can enhance your organisation's #cybersecurity. Swing by, say hi and grab yourself some exclusive swag! 🎁 #EthicalHacking
-
🥁 The Dojo challenge #34 - AI Image Generator is over! Congrats to: greenhat, __init__, rafffff The swag is on its way! 🎁 #YesWeRHackers #CTF #BugBounty
Dojo challenge #34 winners!
yeswehack.com
-
Cross-site request forgery (CSRF) remains a viable vector in modern web applications despite browsers having been considerably hardened against CSRF. 🧐 That’s according to recent Doyensec research that leveraged client-side path-traversal “to resuscitate CSRF” and surface vulnerabilities in major web messaging applications. 🔥 This is obviously interesting news for ethical hackers, as is a new Burp extension from Doyensec “that provides advanced capabilities and automation for finding and exploiting Client-Side Path Traversal”. 👉 https://lnkd.in/eEkEHSRk Doyensec's Maxence Schmitt presented this novel web security research at OWASP Global Appsec Lisbon 2024. 🌐 Check out Schmitt’s fantastic writeup 👇
Exploiting Client-Side Path Traversal to Perform Cross-Site Request Forgery - Introducing CSPT2CSRF
blog.doyensec.com
-
👋 Bug hunters and aspiring hackers: Bug Bounty Bulletin, edition #4, is alive!🐞 Featuring: ⚡️ L'Oréal live hacking highlights from leHACK ⚡️ ORM leaks, CSRF via client-side path traversal, and more groundbreaking writeups spotlighted ⚡️ DEF CON 32 to debut Bug Bounty Village, DEF CON next week ⚡️ White-box penetration testing with Xdebug
Bug Bounty Bulletin #4
YesWeHack sur LinkedIn
-
When using Burp, do you find it time-consuming to scan a wide range of requests that you’ve just collected? ⏳ Don't worry, the Burp extension BCheck Helper provides a list of various pre-written BChecks to speed things up! 👇 https://lnkd.in/egQdrYRm #YesWeRHackers #BugBountyTips
-
Next week, meet us at Cyber DSA 👋 Heard about #BugBounty but not sure whether it's effective for your organisation? Visit our booth 6503 from 6-8 Aug, where Eileen Neo, Ming Kwang (MK) Teoh and Isabella Chee will share more about YesWeHack's Bug Bounty and Vulnerability Management platform! #Cybersecurity #EthicalHacking
YesWeHack goes to Malaysia for CyberDSA
yeswehack.com
-
👏 Congrats to Hanissa S, our second and final #WorldEmojiDay competition winner – for having the first report accepted on a public #BugBounty program containing emojis! A swag pack is on your way pwnii… 🎁
[GIVEAWAY CLOSED] Ready for an emoji hunt? On this #WorldEmojiDay, explore the policies of our public #BugBounty programs and find these emojis for the chance to win a swag pack: 👻🏹⚗️ Figure out which program each emoji belongs to (one program per emoji) and list all 3 programs in the comments below this post. We'll draw lots from all the correct answers and announce the winner tomorrow at 10am. Good luck 👇 PS: Because we’re feeling extra generous today, another swag pack will be awarded to the first accepted report on any of our public programs containing an emoji (there are 7 overall)! ✅
YesWeHack - Global Bug Bounty & Vulnerability Management Platform
yeswehack.com