Explore a comparative analysis of software vulnerability discovery processes employed by hackers and testers in this 21-minute IEEE conference talk. Delve into the findings of a semi-structured interview study involving 25 participants from both groups, examining their methods, skill development, and challenges faced. Gain insights into the similarities in processes but differences in outcomes due to varying experiences and security knowledge. Discover recommendations for enhancing security training for testers, improving communication between hackers and developers, and optimizing bug bounty policies to encourage hacker participation. Learn how understanding this ecosystem can lead to more secure software releases and a more effective vulnerability discovery landscape.
Hackers vs. Testers - A Comparison of Software Vulnerability Discovery Processes
Overview
Syllabus
Hackers vs. Testers: A Comparison of Software Vulnerability Discovery Processes
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
-
Recon For Bug Bounty, Penetration Testers & Ethical Hackers
-
Bug Bounty - Web Application Penetration Testing B|WAPT
-
Hacking Web Applications & Penetration Testing: Web Hacking
-
Vulnerability Discovery for All - Experiences of Marginalization in Vulnerability Discovery
-
Tapping Hackers for Continuous Security
-
Bug Bounty Conspiracy and 50 Shades of Gray Hat - Who Owns the Vulnerability?
