Today, we’re excited to announce the launch of WhiteSource for Hackers, a neat known and unknown vulnerabilities exploitation tool, that can be used to attack and inject payloads in multiple organizations in a relatively short time via cross-platform API. We encourage hackers to use this tool for the betterment of security vulnerability research.
Desperate Times Call for Desperate Measures
If you have teenage children, you probably also have a “keep the door open” policy for when their friends come over, right? If something bad is happening, you’re thinking, it better happen somewhere you can see it, right?
Here at WhiteSource, our goal is to help organizations meet all their application security needs within the software development lifecycle. As the complexity of application architecture accelerates, so too does the risk of inadequate cybersecurity design.
Modern application architecture features like microservices and containers leave the application attack surface area greater than it has ever been before. In other words, the available functions in an application that can be used by hackers to disrupt or control it, has significantly expanded.
Application security needs have gone beyond just detection to include continuous prevention and remediation, as demonstrated by recent software supply chain attacks. This huge protection gap must be addressed by unconventional means.
How Does It Work
Hackers and bug bounty hunters have long been part of the same ecosystem as security researchers. Often referred to as black hat hackers and white hat hackers, they all share common goals like uncovering security holes and developing exploit proof-of-concepts.
Today, thanks to WhiteSource’ first of its kind vulnerability exploitation platform, hackers and security researchers alike can benefit from complete anonymity as they collaborate on developing real-world exploits.
What’s in It for Hackers
Named the leader in the Forrester’s Software Composition Analysis Wave Report and a CVE Numbering Authority, WhiteSource is the creator of an industry-leading vulnerability database, maintained by an expert team of security researchers.
What Can We Learn From the Hacker Community on Prioritizing Vulnerabilities?
What’s in It for Security Researchers
It is only through the observation of real-world adversary tactics that security researchers can develop improved security approaches. Only a true hacker-researcher collaboration on two sides of an opaque screen, can uncover the design and coding flaws that serve as a back door to an organization's most critical applications.
The WhiteSource for Hackers vulnerability exploitation platform goes beyond standard bug bounty programs to provide a true layer of ambiguity between real hackers and their observers, for the betterment of the entire application security community.