Monday, November 18, 2013

The Great OWASP Bug Bash of 2013

OWASPers -

CALLING ALL SECURITY NINJAS… Whether you’re attending Appsec in person or in spirit, you’re invited to join Bugcrowd and the OWASP team as we unite hackers across the world for the first ever Internet-wide bug bash.
This collaborative hack-a-thon will feature testers and providers of public bug bounty programs finding bugs in the world’s largest Internet companies! Companies contributing to bounty programs, including Prezi, Facebook, Google and Yandex will be present to meet and greet those responsible for improving global application and internet security. No need to worry about protecting your identity, masks will be provided!
Featuring…
The Inaugural Wall of Bugz
, music, drinks, hacking contests, special prizes, the world’s largest gummy bug and more!
Bug Bounty programs have been getting a lot of press lately, and for good reason. They work. Bugcrowd will be running this event live from 8-12 every night during Appsec USA 2013 and we actively encourage OWASP members around the world to participate.
Just some of the targets to pick from: https://bugcrowd.com/list-of-bug-bounty-programs/
To participate, join us at the event:
When: Monday & Tuesday Night 8pm – 11:59pm
Where: 16th Floor Skylobby
When: Wednesday Night 8pm – 11:59pm
Where: 5th Floor Ballroom
For the global ninjas who wish to participate remotely click this link to play https://www.bugcrowd.com/owasp/
############################################################
Want to participate in Team OWASP and work together to find vulnerabilities with the proceeds benefiting OWASP?

Here is our disclosure agreement (download)
Team OWASP - Bug Bounty Program Agreement

I agree to participate on Team OWASP, and share information amongst the team for purposes of collaborating on finding and disclosing security vulnerabilities in the authorized bug bounty programs listed below.  

I will respect and follow the guidelines for responsible disclosure set forth by the authorized bug bounty programs. If you have questions about the details of these guidelines, please read the information provided on the links below.

For example, here are are the first two items on LinkedIn’s responsible disclosure policy:
I agree that any awarded bounties for vulnerabilities found by Team OWASP, will be paid directly to the OWASP Foundation.

Websites:
With mobile app
Web related apps:
Open source:


_______________________________
Name Printed


_________________________________                   _______________________
Name Signed Date




No comments: