Automate what you can! 🤖 In Bug Bounty, automation is a crucial skill and will help you rapidly discover leads for potential vulnerabilities. Read the article below to learn how you can automate your tasks using Burp Suite 👇 #YesWeRHackers #BugBountyTips
YesWeHack
Sécurité informatique et des réseaux
Global Bug Bounty & Vulnerability Management Platform
À propos
YesWeHack est une plateforme globale de Bug Bounty et de gestion des vulnérabilités. Fondée par des hackers éthiques en 2015, YesWeHack connecte les organisations du monde entier à des dizaines de milliers de hackers éthiques, dont l’objectif est de découvrir les vulnérabilités potentielles au sein de sites web, applications mobiles, appareils connectés et infrastructures numériques. Nos clients bénéficient d'un système de triage réalisé en interne, d'un accompagnement sur mesure, d’un modèle agile et adaptable à chaque contexte, et d'un paiement basé sur les résultats. Parmi eux figurent ZTE, Tencent, La Poste Suisse, Orange France et le ministère français des Armées. La plateforme YesWeHack offre une gamme de solutions intégrées, basées sur des API : le Bug Bounty (recherche de vulnérabilités via une approche crowdsourcée) ; la Politique de Divulgation de Vulnérabilités, VDP (création d'un canal sécurisé pour le signalement de vulnérabilités externes) ; le Pentest Management (gestion des rapports de pentest issus de différentes sources) ; l'Attack Surface Management (cartographie continue de l’exposition numérique et détection des vecteurs d'attaque) ; ainsi que le "Dojo" et YesWeHackEDU (formation au hacking éthique). YesWeHack se conforme à des exigences strictes en matière de sécurité, de traçabilité financière et de respect de la vie privée. Les services de YesWeHack sont certifiés ISO 27001, ISO 27017 et accrédités CREST. L'infrastructure de YesWeHack s'appuie sur un hébergement privé basé en UE, conforme au RGPD et répondant aux normes les plus strictes : ISO 27001, ISO 27017, ISO 27018, ISO 27701 et SOC II Type 2. La plateforme YesWeHack est également soumise en permanence à un programme public de Bug Bounty. Pour en savoir plus, rendez-vous sur www.yeswehack.com
- Site web
-
https://www.yeswehack.com
Lien externe pour YesWeHack
- Secteur
- Sécurité informatique et des réseaux
- Taille de l’entreprise
- 51-200 employés
- Siège social
- Paris
- Type
- Société civile/Société commerciale/Autres types de sociétés
- Fondée en
- 2015
- Domaines
- Bug Bounty, cybersecurity, Coordinated Vulnerability Disclosure, Ethical Hacking, Bug Hunting, Crowdsourced security, Application Security, Agility et DevSecOps
Lieux
-
Principal
Paris, FR
-
068914 Singapore, Singapore, SG
-
1005 Lausanne, Lausanne, CH
Employés chez YesWeHack
-
Alexandra Pailhes, CFA
Head of Investments - Open CNP
-
Mo Elaisati
🏴☠️ Talent Acquisition Director @ YesWeHack ⏩ EU #1 Bug Bounty & VDP Platform 🚀 (Paris/Rennes/Rouen/Singapore)
-
Lionel Pascaud
Sales Manager chez YesWeHack
-
Kevin Gallerin
CEO APAC at YesWeHack ⠵ 🚀 Global Bug Bounty & Vulnerability Disclosure | Connecting your organisation to a global community of cybersecurity experts
Nouvelles
-
📢 CrowdSecWisdom #4 is here! Including a little light reading on… ⚡Risk-mitigation reflections on the CrowdStrike outage ⚡ A SolarWinds lawsuit ruling and the implications for CISOs ⚡ L’Oréal Bug Beauty Contest – highlights from our latest hacking event, in Paris ⚡And other offensive security insights from our own blog and elsewhere for CISOs, security teams and security-conscious devs #BugBounty #Cybersecurity #OffSec #SecOps #AppSec
CrowdSecWisdom #4
YesWeHack sur LinkedIn
-
🙌 Attendees at a DEF CON 32 workshop in Las Vegas will be using hands-on labs hosted on our very own Dojo platform. We’re proud that Akamai Technologies security researcher Ryan Barnett and cybersecurity student Isabella Barnett will be leveraging our #CTF training platform for the workshop, entitled ‘Lost in Translation – WAF Bypasses By Abusing Data Manipulation Processes’. 💪 Here’s the WAF bypass module in question, which is the handiwork of Alex B., our in-house hunter 👉 https://lnkd.in/eaQiud6r 📅 The DEF CON workshop takes place on Sunday 11 August between 11.00am-12.30pm 👉 https://lnkd.in/etRgaE2J The workshop is part of DEF CON’s first-ever Bug Bounty Village, which is co-sponsored by YesWeHack and features contributions from Our Tech Ambassador, BitK. 👉 https://lnkd.in/e7EbgP9R Ariel Walter García Harley Kimball 👏
Presentations | Bug Bounty Village
bugbountydefcon.com
-
📢 The agenda for DEF CON’s inaugural Bug Bounty Village – which YesWeHack is proudly sponsoring – has landed 🔥 Watch out for a panel of #BugBounty community leaders, which stars our Tech Ambassador, BitK, alongside representatives from HackerOne, Synack, Bugcrowd and Intigriti. This will take place on Friday, 9 August, between 12.30pm-1.30pm, in the Village Classroom. 📅 BitK (aka Lucas Philippe) is also delivering a workshop on ‘Prototype Pollution in Depth, From Beginner to 0-day Hunter’ during the legendary hacker convention. 🔥 This takes place in the same venue, later on the same day, between 3:00pm-4.30pm. Kudos to Harley Kimball and Ariel Walter García for this great conference program ⚡️ Find out more about YesWeHack’s presence at DEF CON 32 👉 https://lnkd.in/enrRMGVy
Agenda | Bug Bounty Village
bugbountydefcon.com
-
With #BugBounty Programs, you only pay for results, not for the time spent. This approach lowers the “price per vulnerability”, even for critical bugs! But don't just take our word for it – hear what Paul Marty, Senior Product Security Engineer at Doctolib, said about the costs of Bug Bounty. Discover #BugBounty insights in #Doctolib’s full customer story 👉 https://lnkd.in/gVxmN9kt
-
-
👏 Last week, Raphaël Arrouas climbed to the top of our platform's all-time podium! Congratulations to him on this remarkable achievement! To celebrate, we're publishing his insightful interview from last year at NULLCON. Take a moment to draw inspiration from his journey and heed his valuable advice. #YesWeRHackers
YesWeHack Hunter Interviews – #2 Xel: “I could have taken control of about 50 firewalls!”
https://www.youtube.com/
-
There is still time to tackle our latest monthly Dojo challenge, AI Image Generator! ⏰ Submit your solution before 2 August for a chance to win exclusive swag! 👇 #YesWeRHackers #CTF #bugbounty
YesWeHack Dojo
dojo-yeswehack.com
-
A tech expert who “stumbled upon LLM Kryptonite” has decried “an almost complete lack of bug reporting infrastructure from the LLM providers”. 😮 📰 In our inaugural snippet of notable InfoSec news, Mark Pesce said he crafted a prompt that caused “every chatbot I could access” (with the honourable exception of Anthropic’s Claude 3 Sonnet) to descend into a “babble-like madness”. 1️⃣ Back in May, the ex-Apple engineer detailed his findings and difficulties in finding secure ways to notify the vendors 👉 https://lnkd.in/gXhDwXmU 2️⃣ In a recent follow-up, he laments Microsoft’s response (“does not meet the definition of a security vulnerability") and LLM vendors supposedly failing to acknowledge issues while surreptitiously deploying “behind-the-scenes patches” 👉 https://lnkd.in/gF2RJJ9h 📬 If you'd like to stay updated to more of such vulnerability disclosure news, don't forget to subscribe to our Bug Bounty Bulletin: https://lnkd.in/gKYY_R7h
I stumbled upon LLM Kryptonite and no one wants to fix it
theregister.com
-
A new article is out! This time we focus on digging deeper into white-box penetration testing in the PHP language🐘 We'll go over how you can use Xdebug to perform debugging and how you can create your own docker environment!👇 #YesWeRHackers #BugBounty
White-box penetration testing with Xdebug: Debugging for PHP vulnerabilities
yeswehack.com
-
🇺🇸 Heading to Las Vegas for DEF CON 32 next month? 📢 YesWeHack is sponsoring the inaugural #BugBounty Village, where our Tech Ambassador and security researcher BitK will sit on a panel of industry experts to discuss the latest trends in crowdsourced security. 🐞 BitK (aka Lucas Philippe) will also deliver a workshop on ‘Prototype Pollution in Depth, From Beginner to 0-day Hunter’ during the legendary hacker convention. 🧠 And Alex B. and Carlos Torres will be mingling with the world’s most talented hackers, hunters and security researchers. 🤝 Find out more! 👇 https://lnkd.in/enrRMGVy
YesWeHack heads to DEF CON 32 as Bug Bounty Village debuts
yeswehack.com