Search Go hack yourself with Detectify

An EASM blog from Detectify

Detectify's Year in Review 2017

December 12, 2017

December is here again and the year is coming to a close even though it feels like it was January 2017 only yesterday. It’s been a busy year at Detectify, full of exciting changes!

Detectify Year in review 2017

30 events

We attended 30 events in 2017, both in Sweden and abroad. Members of the Detectify team talked at conferences, organised workshops, and shared their security knowledge. Here are some highlights!

Frans Rosén, Detectify’s security advisor, gave a talk about web security, ethical hacking, and bug bounty hunting at Webbdagarna.

Detectify's Frans Rosén at Webbdagarna

Frans Rosén at Webbdagarna, Photo: Webbdagarna

Our frontend developer Martina Janevska talked about secure development at Swetugg and Testing Forum, showing the audience how to improve their security mindset and write safer code.

Detectify's Martina Janevska at Swetugg

Martina Janevska at Swetugg, Photo: Swetugg

We also attended Ecommerce Stockholm, where our security researcher Linus Särud talked about his background as an ethical hacker and shared some tips on how to secure e-commerce stores.

Linus Särud at Ecommerce Stockholm

Linus Särud at Ecommerce Stockholm, Photo: Ecommerce Stockholm

New Detectify office

In spring, we moved to our shiny new office at Långholmsgatan 34. To celebrate, we organised a housewarming party for our business partners, investors, hackers, and friends.

Detectify housewarming party

Detectify housewarming party

A new office means more room for parties! We have had some fantastic hacker nights (with plenty of pizza, of course), where our security researcher and co-founder Fredrik Nordberg Almroth showed us cool hacks.

Detectify Hacker Night

Fredrik Nordberg Almroth at one of our hacker nights

Themed afterworks were another highlight of the year, including a 1920s party and a Halloween pumpkin carving evening.

Detectify Pumpkin Carving

We also continued the tradition of having a company breakfast every other Friday. One member of the team, our office dog Jago, is particularly fond of our breakfasts!

Detectify team breakfast

More transparency in the tool

Throughout the year, increasing transparency in the tool and making Detectify even more intuitive was our key focus. To give you a better idea on what’s going on under the hood, we have added more information to the finding details view and developed an advanced graph that allows you to track your findings over time.

Detectify Advanced Graph

The advanced graph

We have also released auto discovery, a new feature that shows you all the subdomains we identified on the verified domain and makes it easier to set up scan profiles. To top it all off, we added some new security features like 2-factor authentication and SSO support. What a year!

A growing team

The Detectify team continued to grow in 2017 – in fact, this was one of the reasons we moved to a new office! Awesome new colleagues joined us in tech, sales, and marketing. We now have 10 nationalities in the team and speak 15 languages in total. Pretty impressive! We also extended our data team with two summer interns and were sad to see them go back to school.

Interested in joining us? Take a look at our career page!

Detectify team photo

New clients on board

In 2017, we were joined by many fantastic new clients who share our passion for security. Read their user stories to find out more about how companies like Episerver and Office IT Partner work with security and use Detectify in the development process.

Detectify Crowdsource turned 1

In November, our ethical hacking platform Detectify Crowdsource turned 1! We have over 100 handpicked security researchers in the Crowdsource community and so far, security tests submitted to Crowdsource have identified 10 037 vulnerabilities on our customers’ websites.

If you’d like to find out more about Detectify Crowdsource, head over to our Crowdsource category.

Detectify Crowdsource 1 year

Over the past year, we have been working hard on the platform to improve the Crowdsource experience. One of our favourite new features is the new public leaderboard where you can see the top 10 Crowdsource hackers.Detectify Crowdsource Leaderboard

Detectify Crowdsource public leaderboard

Are you a security researcher and would like to join Crowdsource? Check out the Crowdsource website to find out more >>

Magento security

In October, our security team worked hard to add new Magento security tests to the service and help our e-commerce clients secure their stores before Black Friday. We also published a series of articles about Magento security, including research about the most common Magento security mistakes, a Magento security 101 guide, and an interview with Magento agencies Vaimo and Divante.

Tinder, Slack, DOOM, and a whole lotta S3 buckets

Our researchers were busy in 2017, writing about their latest security discoveries. We highlighted Tinder privacy issues, found a vulnerability in Slack, invented the Tesla DOOM DOM XSS, and delved into S3 bucket misconfigurations.

Since we published our S3 research, AWS bucket misconfigurations have become a hot topic and Amazon recently introduced additional security features to help users keep their buckets safe.


Like DOOM? Then you should check out our DOOM DOM XSS write-up

OWASP Top 10 2017

We were excited to see the release of the new OWASP Top 10 list and commented on the changes OWASP Top 10 2017 has brought. We also posted a range of OWASP Top 10 attack demos and are now working on adding new ones, covering the updated Top 10 list.

By the way, Injection is still the #1 OWASP vulnerability. Watch the video below to find out how it works:

Detectify on WIRED’s list of hottest startups

In September, we were thrilled to find out that we had been featured on WIRED’s list of Europe’s hottest startups for the second year in a row. How cool is that?! The list is packed with amazing startups from across Europe and we’re really proud to be part of it.

Detectify on Wired list of hottest startups

But wait, we were nominated for more…

We were also one of the 33 companies that were selected as Sweden’s hottest tech startups of 2017 by Swedish tech publication Ny Teknik.

Detectify at NyTeknik's event for Sweden’s hottest tech startups

Our Marketing & Content Coordinator Robyn was nominated for the Rookie of the Year award by Dagens Media.

Detectify at Inhouse Awards

Our Go Hack Yourself stickers are still taking over the world…

Detectify stickers

Keep the photos coming, we love seeing our stickers travel the world and spread the word about web security!

It’s been a great year and we’re looking forward to making the internet safer in 2018. Happy holidays!