Hey corporations: Provide a easy way to disclose vulnerabilities to you!

Posted by & filed under /dev/random, Hacking & Pentesting, Secure Development.

Lately I’ve seen several cases where people openly discuss discovered web vulnerabilities in big corporations’ web sites, and often disclosing technical details because the person that discovered didn’t find or didn’t bother looking hard enough for a phone number or email address to the relevant security response team. Even though some of the cases above are… Read more »