The API vulnerabilities nobody talks about: excessive data exposure
TLDR: Excessive Data Exposure (leaking internal data via API responses) is the silent, pervasive threat that is more dangerous than single dramatic flaws like SQL …
IT Security FAQ 5: What is ethical hacking vs malicious hacking? And what is a bug bounty hunter/program?
Detectify
Comparing ethical hacking to malicious hacking is kind of like comparing the good guys to the bad guys.
Ethical hackers look for vulnerabilities and report them, whereas malicious hackers have a more mischievous agenda. They are the guys you usually see in the movies hacking a bank and stealing money. Ethical hackers are the people working to make the world a safer place – like your favorite team of hackers at Detectify!
Comment from our expert:
“Ethical hackers are security consultants and good hearted people that find vulnerabilities on sites and services and report them to the company to prevent them from being hacked in the future. Many companies offer ”Bug Bounty Programs” where they ask Ethical Hackers to try and hack their sites in order to find loopholes, and in return they get a cash award for it.”
“The bigger the security breach they find, the more money the company is willing to pay. Hackers looking for those kinds of bugs and vulnerabilities on sites to get those kinds of awards are referred to as Bug Bounty Hunters,”
explains Johan Edholm at Detectify.
Want more IT security information? Don’t miss out on the other parts of our IT Sec FAQ series!
Check out more content
Migrating Critical Messaging from Self-Hosted RabbitMQ to Amazon MQ
TLDR: We successfully migrated our core RabbitMQ messaging infrastructure from a self-hosted cluster on EKS to managed Amazon MQ to eliminate the significant operational burden …
