Star Wars – Good versus Evil

In fairy tales good always triumphs over evil. In real life that is not always the case. To remedy this, we have seen a change in how businesses work on security

In stories like The Lord of the Rings, Cinderella, and Star Wars, good always triumphs over evil. In real life, however, that is not always the case. To remedy this, we have seen a change in how businesses work on security. More and more companies receive aid from the good White Hat Hackers to fight the evil Black Hat Hackers. By utilizing Bug Bounty programs, companies can receive assistance from ethical hackers. Instead of receiving the princess and half the kingdom, hackers who manage to identify vulnerabilities, receive a great reward through the Bug Bounty program.

A Frightening Menace from the Dark Side

Hacker attacks have become more frequent, and more creative. Every day, you hear about it in the media. The demand for security expertise is steadily increasing, and the number of suppliers can’t keep up, both in Sweden and internationally. This has made it ever more important for businesses to use alternative ways of finding the expertise that they need from skilled security experts.

Basefarm’s partner Detectify knows this, and has launched a new platform, Detectify Crowdsource. On this platform, they can invite independent White Hat Hackers (people who hack with good intentions) from all over the world. The initiative was inspired by the Bug Bounty programs, where companies give ethical hackers an opportunity to help them to identify holes in their website’s security. This is a way of enhancing their own security team by using freelancing security experts and rewarding them for their discoveries. The hacker world is global, and everyone has their own specialty, for example web applications, mobile applications, IOT & firmware, API, network application, and network infrastructure.

The Light Side of the Force Musters for Battle and Strikes Back

”Detectify Crowdsource helps us in accessing the best security expertise and thus enhances our tools”, says Carl Svantesson, CMO at Detectify. ”In practice, it means that our register of identified ”vulnerabilities” in various programs and technologies becomes wider and can cover niche areas.”

Through their platform, Detectify receives ongoing reports about the latest vulnerabilities that are discovered by the invited hackers. The vulnerabilities are then built into the tool by the Detectify security team, after a thorough review. For the clients of Basefarm, it means an even more reliable security scan – Vulnerability Assessment, a solution from Detectify, and offered by Basefarm.

May the Force Be With You – Test Your Applications!

Today, it’s not just the tech companies that utilize Bug Bounty programs. The programs are also used by companies in retail, the motor industry, and in banking and finance. It is primarily companies that are especially exposed that choose to start their own Bug Bounty programs, for example through the use of platforms like Bugcrowd. They do this to test their applications and to gain access to expertise and creativity from thousands of ethical hackers.

Five steps towards an increased application security:

  1. Determine the applications that need to be tested for vulnerabilities.
  2. Start work by using an automated vulnerability tool. This is good enough for most companies. If you are a Basefarm or client, you can use Basefarm’s Vulnerability Assessment tool.
  3. Add a manual layer by engaging the hacker world in a Bug Bounty program. This is especially important if your company is exposed to hacker attacks.
  4. Always act quickly when you have identified bugs or vulnerabilities. You can do this by using an automated tool and with a Bug Bounty program. This will enable your team to have the information as soon as a bug is discovered.
  5. Work continuously on security.

About Detectify

Aiming to offer a simple and automated security solution, Detectify was founded by the world’s best White Hat Hackers in 2013. Their solution has already been named Symantec’s Security Expert of the Future and they were also included in Europe’s hottest startups 2016 by Wired. One of the founders, Frans Rosén, came in second place in “HackRead’s 10 Famous Bug Bounty Hunters of All Time”.