Tag Archive for: INCLUDE

HackerOne Extends Internet Bug Bounty Program To Include Open Source Bugs



HackerOne has received sponsorship from Facebook, TikTok, Shopify, and more for the extended Internet Bug Bounty (IBB) program scope.


Rapid7 says Computer Misuse Act should include ‘good faith’ infosec research exemption • The Register


Infosec firm Rapid7 has joined the chorus of voices urging reform to the UK’s Computer Misuse Act, publishing its detailed proposals intended to change the cobwebby old law for the better.

The cloud-based SIEM company specifically highlighted section 3A of the CMA, saying this potentially “imperils dual-use open-source security testing tools and the sharing of proof-of-concept code”.

It also echoed other industry concerns about criminalising general security research through section 1 of the act, which prohibits accessing a computer without the owner’s permission.

“It’s worth noting that neither the National Crime Agency (NCA) nor the CPS seem to be recklessly pursuing frivolous investigations or prosecutions of good-faith security research. Nonetheless, the current legal language does expose researchers to legal risk and uncertainty, and it would be good to see some clarity on the topic,” said Rapid7 in a blog post published over the sleepy summer period.

Highlighting “dual use technologies”, the company suggested “clearer protections” under section 3A(2), exempting anything that was “capable of being used for legitimate purposes”, widely available, and “intended by the creator or supplier” for legitimate uses.

Where this would leave tools such as Cobalt Strike is unclear. The threat simulation tool was originally developed for pentesters but has become ubiquitous among malicious folk on the internet – to the point where six suspects arrested in connection with the notorious Clop ransomware gang were found to be using it.

Rapid7 also proposed a legal exemption for “good faith” security research, resting on the notion that good faith research can be shown to be carried out “in a manner reasonably designed to minimise and avoid unnecessary damage or loss to property or persons”.

The Home Office announced plans to reform the…


Dynatrace enhances its Digital Experience Module to include Session Replay for native-mobile apps


Dynatrace announced it has enhanced its Digital Experience Module to include Session Replay for native-mobile applications. This will provide digital teams with a movie-like view of a mobile user’s experience, enabling teams to see every click, swipe, and tap from the user’s perspective, and allowing them to optimize mobile apps for performance, feature adoption, and conversions.

Session Replay also provides data privacy by design, meaning organizations in even the most highly regulated industries, who need to comply with regulations such as GDPR, can leverage customer behavior and experience data to drive better user experience and business outcomes.

The enhancements will also extend Dynatrace’s digital business analytics capabilities to native-mobile applications, which helps teams understand how user journeys impact critical business KPIs, including conversion rates and app store ratings.

“Dynatrace’s digital experience monitoring and business analytics capabilities enable us to continuously improve user journeys and maximize conversions,” said Ken Schirrmacher, Senior Director of IT at Park ‘N Fly.

“Session Replay and business analytics for native-mobile applications will provide us with precise insights into a mobile user’s experience from the user’s vantage point.

This allows our teams to prioritize new features and innovations that enhance our apps and maximize value for our business, all while ensuring data privacy.”

Mobile use continues to grow at a rapid rate, raising the stakes for enterprises to deliver outstanding mobile experiences. According to the GlobalWebIndex, mobile use now accounts for more than half of the total time spent online. Statista estimates that in 2021, 80% of all retail e-commerce will be generated via mobile.

To help digital teams deliver the best possible native-mobile experiences, Dynatrace provides:

  • Dynatrace Session Replay, optimizing business outcomes by enabling developers, application, and business teams to easily review user sessions and understand how new features impact user journeys.
  • Data privacy by design, making it easy to protect users’ data and comply with regulations, such as GDPR and CCPA, by…
