[Update: Corrected title per first comment. Also, should you find any kind of vulnerability with SoylentNews, please send a description to "dev" at "soylentnews.org" and we'll address it as soon as possible. --martyb]
Submitted via IRC for AndyTheAbsurd
Almost a quarter of hackers have not reported a vulnerability that they found because the company didn't have a channel to disclose it, according to a survey of the ethical hacking community.
With 1,698 respondents, the 2018 Hacker Report, conducted by the cybersecurity platform HackerOne, is the largest documented survey ever conducted of the ethical hacking community.
In the survey, HackerOne reports that nearly 1 in 4 hackers have not reported a vulnerability because the company in question lacks a vulnerability disclosure policy (VDP) or a formal method for receiving vulnerability submissions from the outside world.
Without a VDP, ethical, white-hat hackers are forced to go through other channels like social media or emailing personnel in the company, but, as the survey states, they are "frequently ignored or misunderstood".
But that means that three-quarters DO, which I guess is good news. Or at least not bad news.
(Score: 0) by Anonymous Coward on Thursday January 18 2018, @08:19PM (1 child)
Didn't know this turned into a fake job board. Here's one for the road:
Ruby/PhP Server / Backend Engineer
Responsibilities:
-Write maintainable, scalable server code.
-Modify and extend our backend systems and technologies depending on business requirements
-Develop server side implementation of game features
-Work side by side with our Games client side team to test / develop features
-Work with Customer Support and Product departments in order to debug / fix production issues
-Work with QA department to address bugs and implementations of tools for testing
-Implement instrumentation of our different External and Internal Services
Requirements:
-3+ years of experience working with Ruby on Rails (Ruby), Laravel (PHP)
-Strong Knowledge of Software Design and Architecture Best Practices
-Experience writing RESTful services or APIs
-Strong knowledge and experience writing scalable SQL queries
-Basic to Intermediate experience deploying applications using:
---- Capistrano
---- Custom Capistrano Recipes
-Proven experience dealing with scaling issues at different infrastructure levels:
---- Application code
---- Server infrastructure / resources
---- Database
---- Networking
-Experience using source control (Git, SVN or Mercurial)
-Feels comfortable working in teams and is not afraid to ask questions
-Ability to communicate technical issues to a non technical audience
-Fast learner
Bonus (desirable to have but not required):
-(Huge Plus) Proven experience setting up and tuning the following technologies:
---- Apache + Phusion Passenger
---- MySQL
---- Memcached
---- Redis
---- Haproxy
-Familiarity with Sidekiq, Delayed Jobs, Resque or similar technologies
-Experience using Nginx
-Familiarity with Monit and Nagios
-Experience with any NoSQL database
-Basic C# knowledge
-Usage of Ant, Maven or similar technologies
(Score: 0) by Anonymous Coward on Thursday January 18 2018, @08:40PM
Offering a 100% relevant job is quite different. It answers the question of "where to report".