Hacking, AppSec, and Bug Bounty newsletter
2018-04-12 | DASP Top 10, National Cyber Strategy, and Thwarting quantum attacks
Thursday, April 12
We want to hear from you, our amazing readers: Take this quick survey on how we can improve Zero Daily. You may get lucky - like swag pack sent to your front door lucky. Survey ends 2018-04-13 at 12pm PST.
US Copyright Office is considering adding more exemptions to section 1201 to allow good-faith security researchers access to a broader array of technology, specifically electronic voting machines, Cyberscoop reports.
TWEET OF THE DAY
Gandalf standing in front of the Gates of Moria trying to remember a password makes a lot more sense to me now than it did in 1984. - @other_shoe
OTHER ARTICLES WE’RE READING
A “National Cyber Strategy" is at the White House awaiting approval per reporting from Politico
The never-ending search for the perfect moniker for that zero day
The Decentralized Application Security Project ( DASP) Top 10 announced by NCC Group. NCC says DASP Top 10 is an open and collaborative project to join efforts in discovering smart contract vulnerabilities.
ABOUT ZERO DAILY
Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.
Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?
Have a news tip / story to highlight? We’d love to hear about it. Email: firstname.lastname@example.org
Get this email forwarded to you? Click here to subscribe to the Zero Daily
We determined that DHS' information security program for intelligence
systems is not effective, based on the maturity model included in this year’s
reporting instructions. Specifically, DHS' continuous monitoring tools for its
intelligence system are not interoperable.
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.