[Owasp-boston] OWASP RI: Bug Bounties! July 17

Patrick Laverty patrick.laverty at owasp.org
Mon Jul 16 16:13:36 UTC 2018


Just a reminder that we will have a meeting tomorrow night at Upserve with
Bryan Brannigan talking about Bug Bounties! If you have anything else web
app sec related that you'd like to talk about, lemme know! Pizza will be
provided by Upserve! Please RSVP at
https://www.meetup.com/Providence-Web-Application-Security-Meetup-OWASP-RI/events/252157100/

More details below!

Patrick

On Tue, Jun 26, 2018 at 10:52 AM, Patrick Laverty <patrick.laverty at owasp.org
> wrote:

> We are back! Sorry for the long, long layoff. But we have Bryan Brannigan
> of Upserve to talk to us about the bug bounty program he developed. A
> description is below.
>
> I'd love to have more content too. Do you have something you should show
> in 10 minutes? Nothing big, just a quick explainer or demo? Want to show
> people what is XXE? What is a typical Angular template bypass? Anything
> would be cool! Or if you have something longer, we can schedule a meeting
> for just that! If you have an idea that might not be appsec, we also have
> the Defcon401 meeting group that can do things like that too! So let's hear
> 'em. These groups stay alive and are valuable because of you, the speakers
> and the attendees.
>
> Ok, here's the details on the next OWASP RI meeting:
>
> Tuesday, July 17, 6:30 pm, 10 Dorrance St. in Providence, at Upserve.
>
> Bug bounties are a marketplace and like all marketplaces, there are good
> sellers (researchers) and buyers (programs), and there bad sellers and
> buyers. There are resources everywhere to help researchers get going in
> this exciting world of bug hunting, but there are few resources available
> to help those running programs. But it is far worse to be a bad program
> than it is to be a bad researcher. Let's have a conversation about how
> Upserve went from no bounty program to launching a public program (and
> beyond!). We'll talk about the speedbumps and the lessons learned along the
> way. And you'll learn about how managing a successful bug bounty program is
> more about managing expectations and clear communication then it is about
> fixing security bugs.
>
> Please RSVP at https://www.meetup.com/Providence-Web-Application-
> Security-Meetup-OWASP-RI/events/252157100/
>
> We will see you there!!
>
> Patrick
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-boston/attachments/20180716/d72d5941/attachment.html>


More information about the Owasp-boston mailing list