Hacking, AppSec, and Bug Bounty newsletter

2017-05-24 | Critical IDOR, TPP resurrected, and Geekboy bloggin

Wednesday, May 24

Wee bit late today, but some gems in today's 0-Daily. 


  • Cybersecurity is hard says Michael Daniel. He’s the President of the Cyber Threat Alliance and opines in an HBR article on some of the current uncertainty and difficulty in the cybers. The TL;DR it’s not purely a technical problem, but transparency breeds trust. A good quote from the article on that last point: work together in good faith to begin sharing threat information in an automated fashion, with everyone contributing to the system, and with the context of threats being given a lot more weight.


You can see all the latest and greatest disclosures and bounties on


  • We put a lot of our personal info on the internet. Kristin Parke talks security, how to become a hacker & more - @rubenharris



Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.

Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?

Have a news tip / story to highlight? We’d love to hear about it. Email: 

Get this email forwarded to you? Click here to subscribe to the Zero Daily


Music is just a set of directions for a musician to be able to read, interpret, and be able to play it and create music from it. Code is really similar because you have the syntax, you have a certain way you’re supposed to arrange words together so that a computer can go through it and understand the directions you’re trying to do and then execute those directions.

Kristin Parke


HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty solutions encompass vulnerability assessment, crowdsourced security testing and responsible disclosure management. Discover more about our hacker powered security testing solutions or Contact Us today.