Rootconf monthly security masterclasses; Hasgeek survey Rootconf security topic editor Arjun BM was on the panel discussing the CoWIN data breach discussion last Friday. Icymi, watch the video here. more
Organizations of various sizes have been putting together and hosting bug bounties over the years. Some of these are very popular - participants look forward to the event on their calendars. Others, not so much.
The “hit or miss” nature of these events are sometimes a deterrent for any new business thinking about hosting a bug bounty. And yet, it is somewhat easy to plan for success - using playbook-like approaches and strong ownership of the process.
Rootconf invited showrunners of some of the most successful bug bounties to share insights, secrets and tips which will help any business to get started with this approach. Blending talks, how-to’s and panel discussions - this is the one stop shop for how to “get started with bug bounties” that you were looking forward to.
Participate in the conference to share your work and learn from peers.
This knowledge repository (blog posts and videos) and conference have been curated by Anant Shrivastava - information security consultant; Shrutirupa Banerjiee, senior security researcher at Quick Heal and Editorial Assistant at Rootconf; and Sankarshan Mukhopadhyay, editor at Hasgeek.
- InfoSec engineers
- Appsec engineers
- DevSecOps teams
- Security engineers
- Engineering managers
- Engineering leadership in organizations
RSVP to participate, or purchase a subscription to access videos, and to support Rootconf’s community activities on hasgeek.com
Code of Conduct: Hasgeek’s Code of Conduct applies to all participants and speakers at the meetups.
COVID protocols and masking policy for meetings held in-person: In keeping with COVID protocols, the following is applicable to all participants:
- Participants attending the meetups in person must keep their vaccination certificate handy. The venue may ask you to show your vaccination certificate as proof of being fully vaccinated.
- Wearing masks is optional.
Contact information: For queries about the meetups, contact Hasgeek at email@example.com or call (91)7676332020.
With emerging technologies and advancements in security, threat actors are becoming more and more refined in their approach to attacking systems and infrastructure. It is now the new normal to read news about large enterprises becoming the target of ransomware attempts and data breaches with the haul from the latter being trafficked on websites hosted on the TOR network. It is necessary to acknow… more
A bug bounty programme can be one of the solutions to maintain a good security culture in your organization. However, building a bug bounty programme can be challenging. Now that we are clear about the importance of the setting up a bug bounty programme, let us look at the essential prerequisites the a company should follow when setting up such a programme. more
Starting a Bug Bounty programme can be a tedious task. Yet, it is important for the security engineering culture of the organization. It adds another layer of security to an organization’s infrastructure. Now that you understand the Whys and Whats of bug bounty programmes, let’s dive a little deeper into how to start one. I will deduce the elements that should be considered before an organization… more
In this talk, Joy and Pankaj explain how they set up a bug bounty programme at InVideo, and why they chose to build their own platform versus choosing available SaaS offerings. more
Starting a bug bounty programme may seem like an enormous task. Regardless, if it is properly planned and managed, it becomes quite easy to implement. Each team should be well aware of its roles and responsibilities. After having seen how to start a bug bounty program, I’ll walk you through some important suggestions that should be kept in mind while running the bug bounty programme. more