Catch Me If You Can - Ephemeral Vulnerabilities in Bug Bounties
Offered By: 44CON Information Security Conference via YouTube
Course Description
Overview
Explore the concept of ephemeral vulnerabilities in bug bounty programs through this informative conference talk from 44CON 2018. Discover how the rapidly changing internet landscape, driven by cloud computing, creates brief windows of vulnerability in networks and applications. Learn about critical security flaws that exist only for short periods and how to identify and exploit them. Gain insights into continuous security assessment techniques, understand the root causes and impact of ephemeral vulnerabilities, and examine real-world examples from companies like Uber and Slack. Acquire knowledge on how to avoid these fleeting security risks and adapt to the shifting paradigm of cybersecurity in the modern digital era.
Syllabus
Intro
What Are Ephemeral Vulnerabilities?
Bug Bounties
Bounties Are Not Pen Tests
Getting Paid
Shifting To Continuous Security Assessment
Continuous Assessment
Root Causes of Ephemeral Vulnerabilities
Impact of Ephemeral Vulnerabilities
Evaluating AMPScript on Uber
Breaking Into "e-Commerce Company's" CI
Exposed Git Repository on Slack leading to Source Code and Secrets
Some More Examples
Avoiding Ephemeral Vulnerabilities
Taught by
44CON Information Security Conference