What is a Vulnerability Disclosure Policy and Why You Need One
What is a Vulnerability Disclosure Policy and Why You Need One

Vulnerability disclosure policies (VDPs) are increasingly popular among many different types of industries. This blog explores why organizations of all shapes and sizes need an avenue to openly communicate with ethical hackers. To learn more about VDPs, visit HackerOne at Cyber Security Chicago, booth 300.

118 Fascinating Facts from HackerOne’s Hacker-Powered Security Report 2018
118 Fascinating Facts from HackerOne’s Hacker-Powered Security Report 2018

HackerOne recently published the Hacker-Powered Security Report 2018, the most comprehensive report on hacker-powered security. It is the largest repository of hacker activity and vulnerability data on display in a comprehensive report. We pulled the top 118 fascinating facts from the report. Visit us at booth 300, Cyber Security Chicago, to chat with our team and learn more.

The Voices of Vulnerability Disclosure: Look Who’s Talking About VDPs
The Voices of Vulnerability Disclosure: Look Who’s Talking About VDPs

Vulnerability disclosure policies (VDPs) are critical to reduce risk. The quotes below are compiled from industries in a variety of sectors on how important VDPs have been to help them reduce risk and control what used to be chaotic. To learn more about VDPs, visit HackerOne at Cyber Security Chicago, booth 300.

Are you prepared to defend your network?
Are you prepared to defend your network?
Just as employees expect to work in a physically safe space, they also expect that their digital work is taking place on a secure network. They want to feel that their hard work crunching company data will be protected from hackers seeking to steal or manipulate the information, and they want to be able to trust that the files they receive from their coworkers are safe. IS professionals are the knights tasked with protecting their companies’ digital realms from invaders to ensure a safe working community.
Advanced threats call for advanced solutions
Advanced threats call for advanced solutions

Just when cyber security professionals figure out how to combat and guard against one type of attack, another stronger malware attacks an unsuspecting — and unprepared — network. Newer, more evolved attacks are designed to skirt antivirus software and firewalls and access a targeted network. 

IAM and PIM Stop Hackers at the Gate
IAM and PIM Stop Hackers at the Gate

Identity and access management tends to be a balancing act for information technology professionals. They want their networks to be secure, but they don’t want to deal with complaints from fellow employees that it is cumbersome and too time-consuming to log on to a network. For example, frequently changed, hard-to-remember passwords might be a hindrance to workers, but they often are crucial for blocking hackers from accessing a network.

Good Insights From The (Almost) Bad Guys
Good Insights From The (Almost) Bad Guys

With more and more data stored online these days, hackers have plenty of reasons to attack company networks to modify or steal data and even hold it for ransom. Cybint Solutions , a cyber security and legal support organization, estimates that a cyber attack happens every 39 seconds. This means that companies and websites are being bombarded by malicious users. It’s easier for information security professionals to thwart these attacks when they are launched head-on from the outside. Unfortunately, more and more attacks are occurring on the inside through social engineering, which makes them harder to predict and prevent. 

Defending Data in the Cloud
Defending Data in the Cloud

Cloud computing is one of the hottest trends in IT today. Cloud adoption is at its peak, with 81 percent of cloud-using companies employing a multi-cloud approach and only 5 percent of companies not using any cloud solutions, according to Right Scale. The average company accesses about 5 private and public clouds, which can include AWS (64 percent of companies), Azure (45 percent), Google Cloud (18 percent), IBM Cloud (10 percent), VMware Cloud on AWS (8 percent), Oracle Cloud (6 percent) and Alibaba Cloud (2 percent), according to its “2018 State of the Cloud Report .”

Can DevSecOps stop the app hackers?
Can DevSecOps stop the app hackers?

As developers are tasked with churning out new applications in record amounts of time, cyber security professionals are left with less time to check for cyber security holes and protect these apps against hackers and other potential breaches. This means that apps often have lengthy windows of vulnerability until cyber security issues are uncovered and addressed. The 2017 “Application Security Statistics Report ” by WhiteHat Security reports that approximately 50 percent of applications are vulnerable every single day of the year.

Malware is dominating the sandbox
Malware is dominating the sandbox

At parks and playgrounds, a sandbox is a relatively safe place to play. Little children who tend to fall will softly land on a cushiony pile of sand. The enclosed space also gives them room to experiment with how sand tools, toys, and their own hands and feet interact with the sand environment. A different kind of sandbox offers the same safe experimental environment in the IT world.

Why Facebook's data controversy could happen to your company
Why Facebook's data controversy could happen to your company

Facebook recently has been at the center of a media controversy as allegations have surfaced that Cambridge Analytica inappropriately obtained data from around 50 million Facebook users, used this data to influence the 2016 presidential election, and failed to delete the data upon Facebook’s request.