Skip to main content

Security@ 2022: Achieve Attack Resistance

Get your complimentary pass to Security@ 2022 with promo code VIPCOMP

October 12-13, San Diego | October 13, London

Register today

 

Meet with HackerOne at SecTor 2022

Is transformation widening your security gap?

Oct 5- Oct 6 | Booth #S414, North Expo Hall
Metro Toronto Convention Center

Digital transformation has a downside: It causes a gap between the attack surface your organization knows about and protects, and your full attack surface—with assets that are beyond your security team's scope and therefore unprotected. And the security skills shortage makes matters worse: 44% of IT and security leaders are uncertain of their teams’ ability to close the gap.

Stop by Booth #S414 for a chat or a demo

Learn the various ways you can boost your attack resistance with help from vetted ethical hackers: See a demo of our vulnerability disclosure program, pentesting, bug bounty, full attack surface management, and more.

Book a 1:1 meeting with our security experts

Book a 30-minute consultation to walk through all the ways the HackerOne platform can strengthen your attack resistance—whether you’re looking for vulnerability management, application security, cloud security, or a combination.

Attend our SecTor theater session—Wednesday, Oct. 5 at 10:15am in Theatre 1

Attend our SecTor theatre session with Jobert Abma on What Log4Shell Taught Us About the Software Supply Chain, That Other Vulns Didn’t

Schedule a Meeting at SecTor

Jobert Abma, Co-founder & Engineering

Jobert Abma

Jobert Abma is a co-founder and principal engineer at HackerOne, the leader in Attack Resistance Management. He is an avid hacker, developer, and advocate for transparent and safe vulnerability disclosure. As a hacker himself, Jobert has reported critical vulnerabilities to GitLab, Yahoo!, Slack, and Snapchat, among others.

Abstract:

The discovery of the Log4Shell vulnerability was a wake-up call for many organizations. It was an opportunity not only for criminals, but also for hackers who look to help organizations uncover vulnerabilities before they can be exploited. Log4Shell forced many organizations to address how they use third-party and open-source software. Most organizations have recovered from Log4Shell’s impact. However, the lessons it taught can be applied to better prepare your organization ahead of and in response to zero-day attacks.

Attend our session to learn:

  • Takeaways from the Log4Shell catastrophe
  • How HackerOne's community found Log4Shell and remediated it
  • How ethical hackers have aided organizations in establishing best practices for using third-party and open source software securely