What HackerOne has learned from years of AWS bug bounties

March 5, 2021
In this session, HackerOne cofounder and security expert Jobert Abma reviews high-severity bugs that surfaced in bug bounty programs over the years for AWS applications. These are bugs that may be rewarded with bounties of up to $20,000. Jobert discusses ways to avoid the bugs altogether, reducing the risk of unintended broad access and building trust with the users of the application. The review includes bugs relating to DNS hijacks, SSRF to Amazon EC2 instance metadata, inadvertently disclosed AWS keys, public Amazon S3 buckets, and improper configurations.
Previous Video
The Full Machine Learning re:Invent Release Guide for Startups
The Full Machine Learning re:Invent Release Guide for Startups

Your dev team is working on Saturdays, your next fundraising round is on the horizon, your Machine Learning...

Next Video
Role models: How AI is improving diversity in fashion
Role models: How AI is improving diversity in fashion

What’s the key to the future of diversity and inclusion in the fashion industry? According to Lalaland cofo...