Page 24 - Hands-On Bug Hunting for Penetration Testers
Joining the Hunt Chapter 1
More applications performing more complex services for more people and managing more
data leads to things breaking. The demand for web developers has soared as companies try
to realize their technical aspirations, but supply has not kept up with the almost unlimited
appetite for development work. Coding bootcamps, online courses, and other alternatives
to a four-year degree have become a popular entry point for a career in software
engineering, but there's still a large gap between the programming work companies want
done and the programmers who are available and capable of doing it. As demands on
developer time and attention have increased, security concerns once avoided as costly and
nonessential have ballooned into crises for inattentive businesses, as vulnerabilities have
led to data breaches, commercial exploitation, identity theft, and even espionage by state
actors and criminal syndicates.
Bug bounties are the crowdsourced alternative to an expensive, in-house security
apparatus. Technology companies (from mega corps to small, five-person start-ups) have
embraced using public bug bounty programs to find the sort of faulty logic and mishandled
data-processing in their applications that hackers typically use as footholds for larger
campaigns. By finding vulnerabilities before they become exploits, companies can pay for
work that directly reduces their exposure without having to cover the cost of a full security
audit. Some companies choose to participate in third-party platforms, such as Bugcrowd or
HackerOne, in order to standardize their payouts, submission report formatting, rules of
engagement, and target lists, while others are large enough to run a program under their
own umbrella.
Either way, by participating as a researcher, you get paid to apply your skills. And since
many bug bounty marketplaces also track things such as the number of bugs you've found,
their severity, and your general success rate, doing third-party research on public platforms
can also be a great bridge to more work in security. If you're coming from a non-traditional
background or don't have formal education in security, it could help make the case you've
got the necessary skills to be productive in the field. You can do all of this while, by
responsibly following the discovery and disclosure process, making the target application,
and the general web, safer.