Archive for the ‘Partners’ category

Funding for bug bounty vendor

February 9th, 2017

As per the recent news, one can make money in the rewarding business of security researchers for finding security vulnerabilities. HackerOne published that they have raised a $40M Series C round of funding. Total funding received till date for the San Francisco based company is $74 Million.

Dragoneer Investment Group led new round of funding. It will be used to help HackerOne grow its business.

“HackerOne is at the forefront of the burgeoning bug bounty movement,” Marc Stad, Founder and Managing Partner of Dragoneer Investment Group, said in a statement. “It is borderline silly for a company not to utilize a bug bounty platform given the immediate reduction in security vulnerabilities and the relatively low price point compared to other security options.”

Rice, co-founder and CTO of HackerOne in the video interview mentioned the statistics of business growth. Also, discussed the bugs found by HackerOne’s community of researchers.

Hacking the pentagon program was one of the major successes of HackerOne. The results were positive. It has 1,400 security researchers participating in the program. It also discovered 138 serious vulnerabilities which were fixed quickly. Also, the U.S. Department of Defense also got involved in the program.

HackerOne faces competition from bug bounty vendor Bugcrowd. The rival has raised $24 million in funding to date which includes $15 million Series B round.

“When I started the company in 2013, I spent most of my time explaining what a bug bounty was to people,”Bugcrowd founder and CEO Casey Ellis said. “I don’t have to do that anymore.”

“How we do things today is we prove a concept manually first, apply human intelligence to the problem set and then take the repeatable learnings and codify that,” Ellis said.

The market of buy bounty is competitive but there is demand. Rice also mentioned that more bugs have been found by third party bug bounty companies as compared to vendors.

_____________________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Truck and Data Breach

April 29th, 2016

A mail delivery truck which was having health information was stolen. This has resulted into a potential healthcare data breach for Kaiser Permanente, a healthcare system based in California. According to the reports, health information of approximately 2,400 individuals was affected . The truck was stolen from the parking lot.

The truck was not parked in a secure area even there are guidelines by Kaiser Permanente’s. Truck contained “Evidence of Coverage” handbooks for Kaiser Permanente patients who are on the Inland Empire Health Plan. Affected information included personal information, such as names, addresses, and an overview of plan benefits.

According to the reports, thieves gained entry to the vehicle. They drove to an unspecified location and left the empty truck behind.

After the incident, the healthcare facility reported the stolen vehicle to local law enforcement officials.Michelle Simms, a Kaiser Permanente spokeswoman, said the health care provider spoke to Los Angeles County Sheriff’s station in Santa Clarita. Truck was found with missing health records. Facility believes that there is no evidence of misuse of PHI information. Also, the file didn’t contain Social Security numbers, medical record numbers, descriptions of health services, health statuses, and financial information.

“We are in the process of notifying and apologizing to our members affected by this incident,” officials said in a statement. “We have investigated this matter and are taking appropriate steps to prevent similar errors in the future.”

With the rise in data breaches due to stolen records, it is better to go for digitization with proper safeguards. Some of the responsible health data handling includes –

  • Administrative safeguards includes policies and procedures to protect the privacy, and security of patients’ PHI
  • Physical safeguards includes measures to protect the hardware and the facilities
  • Technical safeguards includes health IT system to protect health information and to control access to it

————————————————————————————————————————————————————-

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software