Alex Haynes is an independent researcher with a background in offensive security. He is credited for discovering vulnerabilities in products by Microsoft, Adobe, Pinterest, Amazon Web Services and IBM. He is a former Top 10 ranked researcher on Bugcrowd and a member of the Synack Red Team. He is also a frequent contributor to InfoSec publications and speaks regularly at conferences on the topics of offensive security, vulnerability management and crowdsourced security. He is currently the CISO at IBS Software.
Today, breaches continue unabated at the same alarming rate to which we have grown accustomed. More than 36 billion records were exposed in 2020 alone and that’s only counting those we know about. The real figure will rise far higher. The rate of these data leaks is so frequent that it is hard to track … Read more
In the past few years, cybersecurity automation in many spheres of Cybersecurity increased dramatically. However, pentesting remains stubbornly immune to this. While crowdsourced security has evolved as an alternative to pentesting in the past 10 years, it’s not based on automation. Rather, the alternative simply throws more humans at a problem and in the process, … Read more
The gravest warning a pen test report could contain are the words “The host may be vulnerable to remote code execution”. It is hard to know what that immediately means. Did they get system access on a host? Nope. Was there a public exploit available for that version of software that enabled remote code execution? … Read more
Crowdsourced security programs have grown in popularity to the point where some enterprises have dispensed with traditional pentesting, using the crowdsourced model exclusively for auditing the security of their applications and infrastructure. What is Crowdsourced Security? Crowdsourced security methodologies invite a group of people (a crowd) to test an asset for vulnerabilities. The number of … Read more
