"We're thrilled to support Western Union both in their efforts to scale and manage their bug bounty program, and as they continue to pioneer the way for financial institutions of all sizes."īugcrowd is a successful vulnerability assessment platform that recorded increased revenue (11.3x) from 2013 to 2014. "Traditionally, financial institutions have been slow to adopt the crowdsourced security model, but the online world has grown so quickly and the cyberattacks against consumers have been so aggressive, it's clear the risk isn't going away," said Casey Ellis, CEO and co-founder of Bugcrowd.
No system can be proven to have zero vulnerabilities, so continuous testing at this level of depth is great." Not only will they take a URL and test it for many days, but they have also found what other systems have not identified. To see a list of all excluded items click Here.ĭavid Levin, Western Union’s director of information security, said: " testers dig deep in their testing. They are descriptive error messages, brute-force attacks on the login and password reset pages, clickjacking, self-XSS, cross-site request forgery (CSRF) on pages available to anonymous users, logout CSRF, and flaws related to SSL settings. However, there are items that are not eligible for the reward. Researchers who report bugs can earn between $500 and $5,000. However, the company has now decided to make its program public to allow all of the 15,000 researchers who have signed up on the crowdsourced security testing platform to report flaws. The company has had a bounty program in place since 2014 on Bugcrowd, but it was private. Western Union, the financial services and communications company, has announced an expanded bug bounty reward program.
0 kommentar(er)
