YesWeHack – Europe’s leading bug bounty platform – is opening an office in Singapore

YesWeHack – Europe #1 bug bounty platform – has announced that it is opening an office in Singapore. The new office is part of YesWeHack’s fast-growth strategy for its international activities following a €4 million fundraising at the start of the year.

YesWeHack is consolidating its global positioning in a sector that will transform the cybersecurity industry over the next five years.

Kevin Gallerin has been appointed Managing Director APAC to develop YesWeHack’s strategy in Asia. Having spent more than ten years in the region, he knows the Asian cybersecurity market inside out, having notably participated in the launch of CERT-LEXSI in Singapore.

+ Read More

Lucas aka BitK: high level bug hunter and the brand new YesWeHack Tech Ambassador.

Tell us about yourself, your background ?

I’m Lucas also know as BitK, I am 28 y/o. I’m a French guy who lives in Lyon. If you play CTF we have probably already met during an on site event as I play a lot of them with the French team Hexpresso.

Before joining YesWeHack I was writing / reversing software for power plants.

I’m also a bug hunter, I’ve been in the top 10 hackers on YesWeHack Bug Bounty platform since the launch of the platform.

Why did you join YesWeHack and what is your role ?

It’s a team that I’ve known for quite some time through CTF, Bug hunting and HZVCommunity & Events ( LeHack ).

We share the same principles and I do like the idea of bringing tools to the community.

My role as Tech Ambassador within YesWeHack will be to support the hackers’ community, by providing tools, talks and workshop. I’ll attend the YesWeHack sponsored events, having great time with bug hunters and IT security researchers.

As a bug hunter and CTF player what are you driven by ?

To me, bug hunting is a lot like a puzzle game, I feel like every software, application is vulnerable to some kind of exploitation, you just need to find how.

Writing software is a difficult job, and developers are still human beings, so they make mistakes : our job is to find those mistakes and help developers to fix them before it gets worse.

One thing I love about the hacker community is the willingness to share information, tips or tools. There is always someone better than you in a specific field and most of the time those people will share their knowledge if you ask nicely.

What are the benefits of CTF (Capture The Flag) for those who want to start bug hunting ?

CTF is a bit different from bug bounties, the major difference is that in CTF you know that a vulnerability is there, you goal is “just” to exploit it.

So usually CTF tasks are quite small, you need to exploit a very specific bug. While in bug bounties, you are hacking real enterprise, their website can be huge and sometime you can find yourself lost in the scope. Bug Bounty has a whole reckon phase that CTF don’t have, it’s a new skill to learn.

CTF and Bug Bounties are different, but most of the time I use tricks and tips I’ve learn during CTF to exploit real life application in Bug Bounty.

+ Read More

SPARTA — Re-imagining the way cybersecurity research, innovation, and training are performed in the European Union

Cybersecurity is an urgent and major societal challenge. Highly correlated with the digitalization of our societies, cyberthreats have an increasing impact on our lives. It is therefore essential to ensure digital security and strategic autonomy of the EU by strengthening leading cybersecurity capacities. This challenge will require the coordination of Europe’s best competences, towards common research and innovation goals.

SPARTA is a novel Cybersecurity Competence Network, supported by the EU’s H2020 program, with the objective to develop and implement top-tier research and innovation collaborative actions. Strongly guided by concrete challenges forming an ambitious Cybersecurity Research & Innovation Roadmap, SPARTA will setup unique collaboration means, leading the way in building transformative capabilities and forming a world-leading Cybersecurity Competence Network across the EU. From basic human needs (health) to economic activities (energy, finance, and transport) to technologies (ICT and industry) to sovereignty (eGovernment, public administration), four research and innovation programs will push the boundaries to deliver advanced solutions to cover emerging challenges.

The SPARTA consortium, led by CEA, assembles a balanced set of 44 actors from 14 EU Member States, including ANSSI, Institut Mines-Télécom, Inria, Thales, and YesWeHack for France, at the intersection of scientific excellence, technological innovation, and societal sciences in cybersecurity. Together, along with SPARTA Associates, they aim at re-imagining the way cybersecurity research, innovation, and training are performed in Europe across domains and expertise, from foundations to applications, in academia and industry.

In sharing experiences and excellence, challenges and capabilities, SPARTA makes decisive contributions to European strategic autonomy.

Press Release & Contacts

***

Follow SPARTA – Cybersecurity Competence Network –
on Twitter @sparta_eu

YesWeHack raises €4 million and plans to disrupt Europe’s cybersecurity market

YesWeHack, Europe’s leading Bug Bounty platform, announced today it has raised €4 million from Open CNP, the corporate venture program of CNP Assurances, and Normandie Participations. This deal aims at asserting the company’s presence in France and accelerate its international development, notably in Europe and Asia.

Founded in 2013, YesWeHack offers companies an innovative approach to cybersecurity with Bug Bounty (pay-per-vulnerability discovered), connecting more than 7,000 cyber-security experts (ethical hackers) across 120 countries with organizations to secure their exposed scopes and reporting vulnerabilities in their websites, mobile apps, infrastructure and connected devices.

 “YesWeHack mobilises collective intelligence to plug the widening gap in cybersecurity skills – one of the big challenges of the next few decades”

Guillaume Vassault-Houlière, CEO of YesWeHack
+ Read More

YesWeHack joins platform58, the start-up incubator of La Banque Postale

Building Trust at the core of digital transformation.

La Banque Postale puts its customers’ interests above all.

Through the creation of platform58, La Banque Postale asserts its willingness to strengthen its digital transformation for both its employees and customers.

Cybersecurity being a pillar of digital transformation, YesWeHack is looking forward to mobilizing its community in order to improve the banking industry global security.

The banking industry sees itself at a pivotal moment. The expectations of our customers but also of our employees, the rise of new disrupting techs and emerging players, require us to design a more open banking platform. With platform58, a strategic project for La Banque Postale, we embrace this change by creating a French FinTech & InsurTech ecosystem embodying our banking and civic values. We build together (start-ups, customers, partners, etc.) the bank and insurance of the future.

Remy Weber, Chairman of La Banque Postale’s Executive Board.

YesWeHack is delighted to be one of the first 7 start-ups to be hosted by platform58.

platform58 provides support and hosting for start-ups developing solutions in the fields of banking, insurance, technology, but also finance-related services, such as big data, health and education.

The platform58 incubator will offer selected start-ups (max. 10 per year) tailor-made support by experts and managers of La Banque Postale, with no equity investment and no time limit. Other actors, in particular CNP Assurances, 50 Partners1, Visa, EY, TelecomParisTech, 1000Mercis, and Startway will contribute to the success of start-ups.

The 7 selected start-ups

YesWeHack provides its bug bounty platform and expertise to the French Armed Forces Ministry.

YesWeHack is delighted to support the French Cyber Defence Command (COMCYBER), in order to leverage its 3,400 cyber-combatants+ force.

YesWeHack, a French start-up and bug bounty leader in Europe, equips COMCYBER with an innovative concept and tool to boost cooperation with all the Ministry’s cyber entities.

This bold initiative is part of the Ministry opening up towards the civil society and private actors.

Florence Parly, the French Armed Forces Minister, announced on the 22nd of January :

A partnership has been established between COMCYBER and a start-up, YesWeHack. So, yes, I do announce: we will launch the first bug bounty of the French Armed Forces Ministry at the end of February 2019. Ethical hackers, recruited within the cyber operational reserve, will be able to search for vulnerabilities in our systems and, if successful, be as they should be, rewarded.

Florence Parly, the French Armed Forces Minister

With the signing of this partnership, the Armed Forces Ministry becomes the first French Ministry to launch a bug bounty program. COMCYBER will leverage YesWeHack bug bounty platform to meet the growing challenge posed by new cyber threats.

With the YesWehack bug bounty platform, COMCYBER will be able to best use its trusted community of reservists, in order to improve global security of the ministry’s entities

Guillaume Vassault-Houlière, YESWEHACK CEO

This bug bounty program opens new perspectives for the management of the operational cyber reserve. Ultimately, such initiative will make possible to train reservists and increase their skills to significantly and durably improve the Ministry’s level of security.

YesWeHack & French COMCYBER
Joint Press Release

YesWeHack sponsor du CESIN : pour contribuer à renforcer la coopération entre les experts et les décideurs.

L’équipe YesWeHack est fière d’annoncer qu’elle devient officiellement sponsor du CESIN, une association qui lui est chère.

YesWeHack et le CESIN vont, ensemble, contribuer à renforcer la coopération entre tous les acteurs du numérique.

La communauté de YesWeHack, forte de plus de 6500 chercheurs, est désormais représentée au sein du CESIN.

Un combo gagnant : la transformation numérique et la Cybersécurité

YesWeHack inscrit ce partenariat avec le CESIN dans le long terme, afin de partager sa vision de la cybersécurité du futur, adaptée aux transformations que connaissent les membres de l’association. 

Ayant contribué au sein du CESIN depuis 2016 en tant que CISO chez Qwant, c’est une fierté de devenir sponsor aujourd’hui avec YesWeHack. Nous allons continuer à participer aux échanges au cœur du CESIN car la cybersécurité est le pré-requis essentiel pour mener efficacement toute transformation numérique auprès des décideurs.”

Guillaume Vassault-Houlière, CEO de YesWeHack.

Avec plus de 500 membres, les activités du CESIN connaissent un succès grandissant parmi les experts en cybersécurité et YesWeHack est très enthousiaste à l’idée de participer à cette dynamique riche de promesses.

Le CESIN a souhaité cette année diversifier son sponsoring en accueillant en son sein quelques startups innovantes.

L’objectif est d’offrir encore davantage de visibilité à des entreprises auxquelles nous croyons beaucoup, comme YesWeHack car elles apportent, par leur innovation et leur audace, une réponse complémentaire aux enjeux de la cybersécurité auxquels sont confrontés les RSSI membres du club.

Alain Bouillé, Président du CESIN.

YesWeHack et le CESIN vous donne donc rendez-vous en 2019 pour une année constructive faite de rencontres et de projets concrets.

Open Source software audits via Bug Bounties for the EU institutions: digital.security and YesWeHack awarded.

digital.security and YesWeHack are glad to be part of the 3 winners of the tender for Free and Open Source Software Audit (FOSSA OSS-BB). FOSSA OSS-BB’s main goal is to help improve the overall security of the Internet by focusing on free and open source tools used by Citizens and Public entities of European Union.

Press Release >
Version en français >

FIC 2019: YesWeHack’s community, NGOs & CivicTech unite through a unique Bug Bounty Campaign.

For this edition of FIC 2019, YesWeHack is organizing, for the first time in the history of FIC, a special event dedicated to Bug Bounty.

The International Cybersecurity Forum: the European reference event bringing together all stakeholders in digital trust will take place on 22 and 23 January.

This unprecedented bug bounty campaign will take place in an original space reserved for dozens of security researchers so that they can operate over several scopes, and where applicable, earn rewards according to the criticality of the reported vulnerabilities.

For this Premiere, the scopes are submitted by NGOs and CivicTech projects wishing to harden their systems and thus better protect their information assets and their reputation.

YesWeHack has chosen this year to help NGOs and Civictech as a priority, because many European citizens use tools developed by this sector to contribute to the common good, democracy, associative and charitable projects.

“For all actors, customers, developers and researchers, this Bug Bounty campaign within the 2019 FIC is a great and useful opportunity to exchange and confront the reality of threats in order to significantly increase the level of security and privacy by design”

Guillaume Vassault-Houlière – CEO @YESWEHACK

The Bug Bounty’s area will welcome bug hunters who will cooperate with “program managers” from the selected projects with the support of Romain Lecoeuvre, the CTO of the YesWeHack team.

The rewards will be of two types: a total prize pool of several thousand euros is planned to reward the best researchers and goodies collectors will delight some players.

+ Read More

Partenariat : SODIFRANCE & YESWEHACK.

Sodifrance et YesWeHack renforcent leur collaboration autour du Bug Bounty pour lutter efficacement contre les risques Cyber.

Sodifrance, au travers de sa marque d’experts Antéo Trust & Security et YesWeHack, principale plateforme ouverte de Bug Bounty en Europe, annoncent la signature d’un partenariat pour faciliter la détection de failles informatiques et offrir aux entreprises une réponse globale à leurs enjeux de cybersécurité.

Dans le cadre de leur transformation numérique, les entreprises de tous secteurs et de toutes tailles exploitent pleinement les capacités des nouvelles solutions numériques pour accélérer leur croissance et améliorer l’expérience client. En parallèle, le nombre de cyber-attaques augmente et leurs conséquences vont en s’aggravant : perte de chiffre d’affaires, de clients, vol de données, atteinte à l’image, et désormais risques juridiques avec les nouvelles réglementations telles que RGPD.

Face à ces nouveaux enjeux de sécurité, Sodifrance s’appuie sur la plateforme de YesWeHack pour proposer une solution innovante de services en cybersécurité. Elle permet aux entreprises de toutes tailles de mieux maîtriser le niveau de sécurité de leurs applications et environnements IT.

« Nous souhaitions proposer à nos clients une offre complémentaire aux audits de type Pentest ou Red Team » indique Hervé Troalic, Directeur de l’offre Sécurité de Sodifrance.

Hervé Troalic poursuit : “La solution clé en main de Bug Bounty que nous proposons, rendue possible par ce partenariat avec YesWeHack, apporte aux entreprises qui investissent dans des stratégies web et mobile, de réels atouts pour maîtriser la sécurité de leurs applications. De surcroît, elle s’avère parfaitement adaptée auprès des organisations qui adoptent les pratiques DevOps et qui souhaitent ne pas sacrifier la sécurité de leurs applications aux impératifs du time to market.”

Pour Guillaume Vassault-Houlière, fondateur de YesWeHack,

« Cette collaboration avec Sodifrance offre à nos clients un service sur mesure, complémentaire et à forte valeur ajoutée. Elle répond au souhait des RSSI et Directions générales de pouvoir s’appuyer sur des acteurs de confiance européens, à l’écoute de leurs clients et respectueux de leurs contraintes budgétaires. »

A propos de Sodifrance
Entreprise de Services du Numérique créée en 1986, Sodifrance compte plus de 1350 consultants répartis sur 14 implantations en France. L’offre de services se décompose en 6 grands métiers : le conseil technologique, la transformation numérique, le Data Management, la modernisation de SI, les services pour les applications et les services d’infrastructure. Sodifrance assure la transition entre les SI historiques et les nouveaux modèles IT, permettant aux organisations de toutes tailles de renforcer leur compétitivité et collaborer plus efficacement grâce aux solutions innovantes centrées sur la mobilité, la sécurité, le Big Data et le Cloud.

A propos de YesWeHack
Avec des bureaux en France et en Suisse, YesWeHack est la première plateforme européenne de Bug Bounty en termes de nombre de clients et de nombre de hunters, conforme aux standards de sécurité et normes juridiques européennes.

1 2 3

Events

Categories