[OWASP-Bangalore] [Owasp-hyderabad] [OT] null security Jobs

null null giimale at gmail.com
Fri Jul 9 07:53:51 EDT 2010


Hi,

On Fri, Jul 9, 2010 at 3:24 PM, webDEViL <w3bd3vil at gmail.com> wrote:
> I would want to ask a few questions on your keeda project.
> 'Vulnerabilities found in the wild.'
> -- isn't that known information already?

0 days or known - Our priority is based on it's "reported to Vendor" status.

> Anyways, what type of vulnerabilities are we talking about here?  Are those
> vendor specific or site specific?

Both i.e. products as well as custom software ( custom web apps for example).

> Why should I contact you, do you have some ub3r cool links with vendors?

It's totally your decision and no we don't possess any super
natural/voodoo skills :-).
Although we can try to speed up the process or make noise about it in
front of the right people.

> Site Specific, Isn't that illegal and lame in the first place?

Our reports directly go to CERT-IN and the vendors.
Illegal - I don't think so, lame - may be :-).

Hope that answers your queries. let me know if you have any further queries.

Cheers,
@



>
> --webDEViL
> On Fri, Jul 9, 2010 at 12:55 PM, null null <giimale at gmail.com> wrote:
>>
>> Greetings from null!
>>
>> We are proud to announce the launch of our latest project: n|u Jobs
>> n|u Jobs a.k.a null security jobs is an initiative by null - The open
>> security community. The aim of the project is to aid and boost
>> employment in the field of information security. The job posters
>> and seekers both can post/apply for jobs online and are not
>> charged anything for using the service.
>>
>> Website: http://jobs.nullcon.net
>> Email: jobs_a t_null.co.in
>> Working for Peanuts? Working under Hari Sadu? Logon to jobs.null.co.in
>> Today :-)
>>
>> About null
>> null is an open community and a non-profit initiative with the aim of
>> bringing together the best minds in the information security field and
>> work on innovative solutions to counter current an emerging threats.
>> It is also a forum to freely discuss and responsibly disclose security
>> vulnerabilities via project Keeda.
>>
>>
>> What is null Keeda Project?
>> Keeda Project is a database of vulnerabilities reported by the
>> security community at large to null. The aim of Keeda project is to
>> inform the vendors and govt about any vulnerabilities found in the
>> wild and reported to us to enable the organizations respond to that
>> security threat quickly and fix it before crackers can steal
>> confidential data or infect their systems. Keeda is a free service and
>> we don't charge anything to the vendors. Although a Thank you note for
>> the person who reported the vulnerability and Keeda would encourage
>> more people to report vulnerabilities to us (eventually to you
>> privately) instead of disclosing them in public which can harm any
>> organization's business reputation.
>>
>> Email: keeda_a t_null.co.in
>> Contact us if you have found any vulns (and also if the vendors are
>> not responding).
>>
>> --
>> Cheers,
>> @
>> _______________________________________________
>> Owasp-hyderabad mailing list
>> Owasp-hyderabad at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-hyderabad
>
>



-- 
Cheers,
@


More information about the OWASP-Bangalore mailing list