- Видео 45
- Просмотров 60 341
YesWeHack
Франция
Добавлен 20 фев 2016
YesWeHack is a leading Bug Bounty and Vulnerability Management Platform. Founded by ethical hackers in 2015, YesWeHack connects organisations worldwide to tens of thousands of ethical hackers, who uncover vulnerabilities in websites, mobile apps, connected devices and digital infrastructure.
The YesWeHack platform offers a range of integrated, API-based solutions: Bug Bounty (crowdsourcing vulnerability discovery); Vulnerability Disclosure Policy (creating and managing a secure channel for external vulnerability reporting); Pentest Management (managing pentest reports from all sources); Attack Surface Management (continuously mapping online exposure and detecting attack vectors); and ‘Dojo’ and YesWeHackEDU (ethical hacking training).
YesWeHack's services have ISO 27001 and ISO 27017 certifications, and its IT infrastructure is hosted by EU-based IaaS providers, compliant with the most stringent standards: ISO 27001 (+ 27017, 27018 & 27701), CSA STAR, SOC I/II Type 2 and PCI DSS.
The YesWeHack platform offers a range of integrated, API-based solutions: Bug Bounty (crowdsourcing vulnerability discovery); Vulnerability Disclosure Policy (creating and managing a secure channel for external vulnerability reporting); Pentest Management (managing pentest reports from all sources); Attack Surface Management (continuously mapping online exposure and detecting attack vectors); and ‘Dojo’ and YesWeHackEDU (ethical hacking training).
YesWeHack's services have ISO 27001 and ISO 27017 certifications, and its IT infrastructure is hosted by EU-based IaaS providers, compliant with the most stringent standards: ISO 27001 (+ 27017, 27018 & 27701), CSA STAR, SOC I/II Type 2 and PCI DSS.
YesWeHack Customer Story: Ferrero, Italy's sweet-packaged food giant
Discover how Ferrero, a global leader in sweet-packaged foods, is scaling its Bug Bounty program - from just a few hunters initially to an ambitious target of 200 by the end of 2024.
In this exclusive interview, Vittorio Addeo, Global Head of Offensive Security & the Red Team, and Giulio Maria Gravante, Cyber Offence Project Manager, share their journey, challenges, and key success factors in adopting the Bug Bounty model. Learn how Ferrero leverages ethical hacking to strengthen its cybersecurity strategy.
This conversation was filmed during the RomHack conference in Rome in September 2024, where Ferrero and YesWeHack hosted Italy's first-ever Live Hacking Event. Curious about the results?...
In this exclusive interview, Vittorio Addeo, Global Head of Offensive Security & the Red Team, and Giulio Maria Gravante, Cyber Offence Project Manager, share their journey, challenges, and key success factors in adopting the Bug Bounty model. Learn how Ferrero leverages ethical hacking to strengthen its cybersecurity strategy.
This conversation was filmed during the RomHack conference in Rome in September 2024, where Ferrero and YesWeHack hosted Italy's first-ever Live Hacking Event. Curious about the results?...
Просмотров: 160
Видео
Talkie Pwnii #2: Exploiting second order SQL injection to extract data
Просмотров 4829 часов назад
The second episode of Talkie Pwnii, our video writeups featuring pwnwithlove aka Pwnii, breaks down YesWeHack's latest Dojo challenge: Hacker Forum. Whether you're curious to discover Pwnii's solution to this challenge or gather precious pieces of technical advice, this is a must-watch, bug hunters! Want to try the challenge yourself? Explore all our past Dojo challenges here: dojo-yeswehack.co...
Banco Galicia x YesWeHack: Live Bug Bounty highlights from Ekoparty, Argentina
Просмотров 743День назад
Watch highlights from a recent YesWeHack live hacking event in Buenos Aires, where security researchers probed digital assets belonging to Banco Galicia for vulnerabilities. The event took place at Ekoparty, the annual computer security conference, on 14-15 November 2024. Anyone attending Ekoparty could participate and hunt for bugs in pursuit of points, a lofty place on the leaderboard and fin...
YesWeHack Hunter Interviews - #11 Pwnii: “Don't forget that a duplicate bug is a valid bug”
Просмотров 1,5 тыс.21 день назад
Like a scientist testing various hypotheses, an ethical hacker typically succeeds only after a lot of trial and error. Recognising this truth, Pwnii, a successful bug hunter on YesWeHack, advises newbie hackers to accept that failing to find bugs is very much the norm not the exception. Pwnii - aka pwnwithlove - is a thriving female hacker and CTF player in a world that retains a significant ma...
Talkie Pwnii #1: Exploiting SQL LIKE Operator & Command Injection Regex Bypass
Просмотров 4,5 тыс.Месяц назад
Welcome to the inaugural episode of Talkie Pwnii, our new series of video write-ups led by YesWeHack’s Researcher Enablement Analyst pwnwithlove aka pwnii! This first video will take you through our latest Dojo challenge, Shell Escape, and show you a couple of different ways you could have solved it, along with technical tips and tricks. By the way, if you haven’t tried solving it yet, it’s not...
YesWeHack Customer Story: L'Oréal, world’s largest cosmetics and personal care brand
Просмотров 250Месяц назад
Learn about L'Oréal’s four-year Bug Bounty journey with YesWeHack so far. Watch Jean-Jacques Mallet, Group Cybersecurity Director at L’Oréal, and Guillaume Kermarrec, in charge of the Bug Bounty Program and threat/vulnerability management at the world’s largest cosmetics and personal care company. The pair discuss L'Oréal’s security culture, the motivations for starting up a Bug Bounty Program,...
YesWeHack Hunter Interviews - #10 Blaklis: “I'm still a bit of a Cro-Magnon in the way I hack”
Просмотров 693Месяц назад
Ranked 20th on YesWeHack's leaderboard, the $2M all-time hacker Blaklis proves you don’t need a ton of tools to excel as a bug hunter. In this interview, he shares his hacking journey - from gaming hacks as a teen to becoming a full-time bug bounty hunter - and offers practical advice for newbies. Among other things, hear about how he got into hacking, why he loves it, what his typical day look...
Ferrero x YesWeHack: Italy's First-Ever Live Hacking Event at RomHack 2024
Просмотров 1,4 тыс.2 месяца назад
Watch highlights from Italy’s first-ever live bug bounty event, featuring targets from Ferrero, the Italian sweet-packaged food giant. The live hacking event was organised and managed by YesWeHack, the global bug bounty and vulnerability management platform. The landmark competition, which saw some of the world's most talented ethical hackers compete for points, prestige and financial rewards, ...
L’Oréal x YesWeHack: Why the cosmetics giant held a Live Bug Bounty
Просмотров 2122 месяца назад
Guillaume Kermarrec, who oversees L’Oréal’s Bug Bounty Program and threat/vulnerability management generally for the iconic cosmetics brand, discussed L’Oréal’s hopes for a live Bug Bounty it held in partnership with YesWeHack. Kermarrec, who works at L’Oréal’s CyberDefense Center, reflected on the company’s preparations for the event, which took place in the summer of 2024 during LeHACK, Franc...
YesWeHack Customer Story: ATG, Swedish betting and horseracing company
Просмотров 4923 месяца назад
A Swedish betting powerhouse that specialises in horse racing has enjoyed a rapid return on investment from running a Bug Bounty Program with YesWeHack - not least around “20 really serious reports that we would never get from a traditional pentest”. That’s according to Erik Täfvander, head of cybersecurity at ATG. In this video, Erik speaks about why ATG decided to crowdsource their security t...
YesWeHack Hunter Interviews - #9 Nagli: “When you’re a hacker you have some superpowers”
Просмотров 1,4 тыс.3 месяца назад
Collaboration, curiosity and choosing targets where you already have extra privileges: discover the recipe behind Nagli's success in the ninth instalment of our bug hunter interview series. Among other things, the 26-year-old hacker (full name Gal Nagli) shares his journey into hacking, recounts his most memorable bug discovery, reveals the secrets behind his success, discusses currently produc...
L'Oréal x YesWeHack: Live Bug Bounty event at leHACK 2024
Просмотров 1,4 тыс.4 месяца назад
L'Oréal became the latest illustrious brand to reap the benefits of a Live Bug Bounty with YesWeHack in July 2024. Across 20 consecutive hours in Paris, around 100 hunters probed digital assets belonging to the world’s largest cosmetics and personal care company and unearthed numerous serious vulnerabilities. Rewards at the live hacking event, which took place at the leHACK conference, went up ...
YesWeHack Hunter Interviews - #8 HakuPiku: “Bug hunting makes me feel like a detective”
Просмотров 1,4 тыс.5 месяцев назад
Swedish bug hunter Eldar Zeynalli, aka ‘HakuPiku’, discusses life as a Bug Bounty hunter. Among other things, he talks about how Capture-the-Flag competitions (CTFs) got him hooked on hacking, the fun aspects of Bug Bounty in comparison to pentesting, his preferred targets, his favourite bug and its wide-ranging impact, and which (non-IT related) profession bug hunting is most similar to. Watch...
YesWeHack Hunter Interviews - #7 drak3hft7: “Soft skills are as important as technical skills”
Просмотров 1 тыс.6 месяцев назад
Passion, persistence and curiosity are as important to success in Bug Bounty as technical hacking skills, according to one of YesWeHack’s most prolific hunters. Seventeenth on YesWeHack’s all-time leaderboard at the time of writing, ‘drak3hft7’ kindly sat down to discuss how he became an ethical hacker, his best bug discovery to date and his preferred hacking tools. Watch our latest interview t...
Hack Me I’m Famous #2 - Live Hacking Event with Louis Vuitton
Просмотров 4,6 тыс.7 месяцев назад
On April 4-5, YesWeHack had the absolute pleasure of hosting the second edition of Hack Me I’m Famous with no other than the prestigious luxury brand Louis Vuitton. Held at Louis Vuitton's Parisian headquarters, the live hacking event brought together forty of Europe's most skilled hackers for an exclusive two-day session dedicated to uncovering vulnerabilities in the luxury group's information...
Attack Surface Management Demonstration - YesWeHack
Просмотров 7258 месяцев назад
Attack Surface Management Demonstration - YesWeHack
YesWeHack Customer Story: Bancolombia Group, Latin American financial institution
Просмотров 91010 месяцев назад
YesWeHack Customer Story: Bancolombia Group, Latin American financial institution
Introducing The YesWeHack Advent Calendar: 24 Days Of Challenges And Festive Fun!
Просмотров 440Год назад
Introducing The YesWeHack Advent Calendar: 24 Days Of Challenges And Festive Fun!
YesWeHack Customer Story: European Community of Alsace, regional government body
Просмотров 412Год назад
YesWeHack Customer Story: European Community of Alsace, regional government body
YesWeHack Customer Story: Doctolib, leading European e-health company
Просмотров 572Год назад
YesWeHack Customer Story: Doctolib, leading European e-health company
Wisdom of the crowd: What ethical hackers think about the YesWeHack Bug Bounty platform
Просмотров 1,1 тыс.Год назад
Wisdom of the crowd: What ethical hackers think about the YesWeHack Bug Bounty platform
YesWeHack Hunter Interviews - #6 RL: “Documentation is a goldmine of information”
Просмотров 1,4 тыс.Год назад
YesWeHack Hunter Interviews - #6 RL: “Documentation is a goldmine of information”
YesWeHack Hunter Interviews - #5 Serizao & Chackal: “Sharing is caring” when it comes to hacking
Просмотров 1 тыс.Год назад
YesWeHack Hunter Interviews - #5 Serizao & Chackal: “Sharing is caring” when it comes to hacking
YesWeHack Hunter Interviews - #4 Brumens: “Hunters should adapt payloads to their targets”
Просмотров 1,4 тыс.Год назад
YesWeHack Hunter Interviews - #4 Brumens: “Hunters should adapt payloads to their targets”
YesWeHack Hunter Interviews - #3 Icare: “Be curious and persistent”
Просмотров 1,3 тыс.Год назад
YesWeHack Hunter Interviews - #3 Icare: “Be curious and persistent”
YesWeHack Customer Story: Les Mousquetaires Group, retail distribution giant
Просмотров 381Год назад
YesWeHack Customer Story: Les Mousquetaires Group, retail distribution giant
Live Bug Bounty event with Les Mousquetaires and the French Red Cross - leHACK Paris 2023
Просмотров 1,1 тыс.Год назад
Live Bug Bounty event with Les Mousquetaires and the French Red Cross - leHACK Paris 2023
YesWeHack Customer Story: Withings, pioneer in connected health
Просмотров 293Год назад
YesWeHack Customer Story: Withings, pioneer in connected health
YesWeHack Hunter Interviews - #2 Xel: “I could have taken control of about 50 firewalls!”
Просмотров 1,1 тыс.Год назад
YesWeHack Hunter Interviews - #2 Xel: “I could have taken control of about 50 firewalls!”
YesWeHack Hunter Interviews - #1 GoDiego: "Post-auth vulnerabilities are the future of Bug Bounty"
Просмотров 1,6 тыс.Год назад
YesWeHack Hunter Interviews - #1 GoDiego: "Post-auth vulnerabilities are the future of Bug Bounty"
Well explained . Thank you
Amazing
Do you help students against currpt officer
very good
🐐
Posted 3 minutes ago. Pwnii, you rock :)
❤❤
❤👍👍
👊😉
❤Nice
TOP 👍
Nice 🙂👍
THE GOAAAAT
Good looking forward to more upcoming videos and do not worry about the English it's alright. The technical part is top notch 😁
developerzer
Pourrais-tu faire les mêmes vidéos en Français SVP?
En anglais, c'est pas mal non plus, elle touche plus d'audience. Et puis entre français on se comprend plutot bien en anglais 😂
@@ElShadoweee Oui en Anglais c'est bien, je ne dis pas de ne pas le faire en Anglais non plus. Mais les Québecois ne comprennent pas L'anglais des Français! :D Je suis bilingue, ce n'est pas ça le problème, puis de l'excellent contenu en Anglais il y en as déjà des masses! ;)
Yeah
My mom is telling me to hack loreal company and ask them for free cosmetics 😅
2nd comment 🎉
1stt comment pls pin
❤ Cousin / T
Thomas Kenneth Wilson Jennifer Lopez Linda
Bro, You're the Best Hacker 😎
How to Join 😊
Yes we hack ❤
We need more informative video like that because they are inspiring us ❤
Aceptan reportes en español? Soy de México
Cool
Three years ago, I went a long way in cyber security, But now I have forgotten everything due to lack of practice. Is anyone here to guide me?
no one will forget the concepts
@@itsm3dud39 I really forget
Once I fully understand how to detect vulnerabilities, it will be game on
so ur trying to be cool like the famous ones
insane !!!
Very interesting event, saluti dall'Italia
C'étais un super event !
❤ SHOW
TBH A lot of the programs which I see don't allow automation but it seems to be the first stop for a lot of people. For me, I prefer a deep dive and just see how things work and what might have been rushed during development.
🔥🔥🔕
Beautiful to watch more of this thanks ❤
❤
the best explanation video I have seen on this topic on this
The more I explore the more I get. These guys are the demigods of modern world.
I love these insights!
I find your approach to staff training quite intriguing. By incorporating real company bugs into the training environment, you are able to increase the acceptance and engagement of the developers, which is a fascinating aspect of your methodology.
cool interview from a cool guy. keep up the good work. Not many people are lucky enough to be good at what they do and have fun at the same time.
Nice presentation 👏
Looking forward to doing this again with you guys next year! ❤
C'était trop cool ! J'ai pu apprendre tellement de choses,merci beaucoup!
:)
ρяσмσѕм