Blueliv was a proud sponsor of the recent CyberSecurity MeetUp held at Microsoft in Helsinki on 31 August 2016. Our very own Ramon Vicens, Research Labs VP, took part in the agenda to showcase the Blueliv Threat Exchange Network and share insight on innovation, social communities and sharing intelligence in an ever-evolving cyber threat landscape.
This encouraged some lively discussion about the reasons why organizations need to enhance their existing security solutions with an extra layer of external threat intelligence. Delegates were keen to understand the benefits of sharing information openly with industry peers, as well as the risks of using such a public forum to do it.
Collaborate and conquer
The Blueliv Threat Exchange Network has been developed to enable researchers and security professionals to collaborate on the topics most relevant to them. Blueliv is a firm believer that sharing Indicators of Compromise (IoCs) increases our strength and solidarity in the fight against cybercrime. The big industry players such as anti-virus software providers already practice this collaborative approach to an extent. The Blueliv community is designed to complement this activity, and can reassure users that the risks of sharing intel online are minimal; it’s important to remember that the cybercriminals will continue to change their tactics and evolve their techniques regardless of whether we join forces as an industry to combat the threats they pose.
Time is money
Omar Benbouazza, Security Specialist at Basware, opened the MeetUp with some thought-provoking insights about rewarding Beta testers with incentives. Testing in Production is essential to eliminate as many bugs as possible before software is released. Companies such as Microsoft and Apple have been known to offer cash incentives to encourage Beta users to participate in testing, however Omar believes organizations can improve their efficiency by employing smaller groups from the ethical hacking community to produce better quality reports. Crowd-sourcing comes with many benefits, however in some cases this approach can limit effectiveness, risk increasing the costs associated with testing and delay releases.
More bug for your buck
Yassir Kazar, CEO and co-founder of Yogosha, invited delegates to get a glimpse behind the scenes of the start-up and explained how their Bug Bounty offering is different to traditional pen-testing. Bug Bounties enable organizations to negotiate with the whitehat hacker community to report security flaws found in their systems in return for an appropriate reward. Yogosha’s Bug Bounty platform supports Omar’s views on using more targeted solutions for the testing phase.
Yogosha is currently in private beta mode – get in touch with firstname.lastname@example.org if you’d like to participate.
A special thank you to Omar Benbouazza for hosting the agenda in Helsinki.
Come and join the fight against cybercrime – join the Blueliv Threat Exchange Network today.