I have reached the age where friends are getting roles like CISO or Director of Security or Senior Architect. All important titles with crucial tasks ahead of them. Usually when friends take these roles they immediately realize that they have found themselves in unfamiliar waters. The skills that got them to that role are not the skills they need to succeed.
Editor's Note: Today I’d like to introduce you to Bugcrowd member Anshuman Bhartiya (anshuman_bh). As an information security professional as well as bug bounty researcher, Anshuman has helped improve the security of many organizations. He has submitted several P1 & P2 bugs leading to his high standing within the programs he is involved in. As an active member on our Bugcrowd forum he also contributes to the bug bounty researcher community. This blog is from one of his responses on the forum that he has allowed us to post here. We are thrilled to share his thoughts and experience on how to successfully approach a target. Thanks!
Editor's Note: Bugcrowd community researcher, Duarte Silva, shares the story behind how he started working in information security. Duarte is one of Bugcrowd's top researchers, you can follow him on Twitter at @serializingme.
About the Author: Ben Sadeghipour has been participating in bug bounty programs since February of 2014. After his first few bugs, he came to realize that bug bounties are a great way to learn more about web application security as well as make some extra money while going to school - computer science major. Currently Ben is an intern at Bugcrowd and continues to do bug bounty research. You can see more of his work on nahamsec.com.
[Today I’d like to introduce you to Bugcrowd member Ciaran McNally. (maK0) As a freelance security consultant as well as entrepreneur, Ciaran has helped improve the security of many organizations. We are honored to share is thoughts and experience on how organizations can increase their overall security. Thanks!
This post originally appeared on Tripwire.
[Today I'd like to introduce you to Bugcrowd member Satish Bommisetty. An author and professional security researcher, Satish has helped improve the application security of dozens of companies by reporting over 170 valid vulnerabilities through Bugcrowd. We are honored to share his thoughts on how bounty hunters can deliver high quality professional results and create a respectful security research community. These are things that help form a researcher's positive reputation among peers as well as with customers.