H4ck3rm1k3 avatar

Support for Vulnerability Reporting

h4ck3rm1k3st33m

Published: 28 Jan 2018 › Updated: 28 Jan 2018Support for Vulnerability Reporting

Support for Vulnerability Reporting

There are many bug bounty projects being run by different companies and projects. In those projects people are paid to do security testing and find vulnerabilities. The issue there is you need to keep the bugs found secret. My suggestion here is to support that in utopian.io by putting the sensitive data into the blockchain but encrypting it with PGP to the company being disclosed to.

Related work

This is related to https://utopian.io/utopian-io/@kslo/adding-responsible-disclosure-vulnerabilities-to-utopian but my suggestion includes the ability to encypt the disclosure for the delegate so it is different.

Components

Bug Reporting of software Vulnerabilites

Proposal

The bug reporting section needs to have the ability to securely report disclosures for Software Vulnerabilities. This includes being able to encrypt the bug report for submission, the reviewing of it by qualified individuals.

Mockups / Examples

image3753.png

Benefits

This will improve the value of utopian.io for other projects providing a secure bug bounty program.



Posted on Utopian.io - Rewarding Open Source Contributors

Leave Support for Vulnerability Reporting to:

Written by

Programmer+Sysadmin = Devops?

Read more #utopian-io posts


Best Posts From H4ck3rm1k3

We have not curated any of h4ck3rm1k3st33m's posts yet. But you can encourage our curation team to review posts by visiting them regularly and by referring other readers. Because we give priority to frequently read content.

More Posts From H4ck3rm1k3