Apr 09, 2014 By Sarah Vonnegut |
Security vulnerabilities are discovered, reported and fixed every day. But how can we more easily learn about them, and how can the white-hat hackers that find them keep their finds organized? “I prefer a world where I have all the information I need to assess and protect my own security,” Bruce Schneier wrote in an essay on Full Disclosure in 2007. It’s a need the industry is still working out.
Big issues are usually reported, a perfect example being the Heartbleed OpenSSL vulnerability, but the small flaws go unnoticed by most – and that’s a big problem. Security researcher and auditor Sergey Belov is trying to help mend the gap between securities bugs and the general public with his new site, BugsCollector.com.</Read More>