Wetherby, 17th December 2012, Security management and compliance company, RandomStorm, has announced that one of its security engineers, Avram Marius Gabriel (Twitter @SecurityShell) has been named in Nokia Siemens Networks’ Responsible Disclosure Hall of Fame.

The Responsible Disclosure list acknowledges the contribution made by independent security researchers who help to keep Nokia Siemens Networks customers protected by disclosing new security bugs found in web pages. By privately alerting Nokia Siemens Networks to discovered vulnerabilities, researchers provide the company with an opportunity to close security loopholes before they can be exploited by malicious parties.

Nokia Siemens is the eleventh organisation to recognise Avram Marius Gabriel’s work in responsibly disclosing new security issues. The RandomStorm researcher also been recognised by Google, Microsoft, Adobe, Facebook, eBay, Twitter, Dropbox, Etsy, iFixit and McAfee.

“Major enterprises with large customer bases are a natural target for malicious hackers. By reporting web application bugs, voluntary researchers help to make these organisations’ websites and services safer for users, on an ongoing basis”, said Andrew Mason, Technical Director and co-founder of RandomStorm. “In addition, discoveries made during voluntary bug fixing provide useful data for the enterprise penetration tests carried out for our customers by the RandomStorm team.”

RandomStorm provides vulnerability scanning and intrusion detection services to help companies in the public sector, retail, hospitality, financial and utility industries to improve their security posture and comply with industry guidelines and data protection regulations. The company is a CESG CHECK security consultancy and certified as both an Approved Scanning Vendor and Qualified Security Assessor for the Payment Card Industry Security Standards Council.

References:

• Nokia Siemens Networks Responsible Disclosure Hall of Fame, December 2012 http://www.nokiasiemensnetworks.com/about-us/responsible-disclosure
• Dropbox voluntary security researchers, September 2012 https://www.dropbox.com/special_thanks
• iFixit Responsible Disclosure Programme, September 2012 http://www.ifixit.com/Info/responsible_disclosure
• Etsy Responsible Disclosure Programme, September 2012http://www.etsy.com/help/article/2463
• Microsoft Security Response Centre: list of researchers, September 2011 http://www.cloudscan.me/2011/10/september-2011-security-researchers.html
• McAfee Threats Report Second Quarter 2011, pg 14 http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q2-2011.pdf
• Facebook whitehats, 2nd July 2012http://www.facebook.com/whitehat/
• Google security Hall of Fame, April – June 2012 http://www.google.com/about/company/halloffame.html
• eBay Responsible Disclosure Acknowledgement page, 28th February 2012: http://pages.ebay.com/securitycenter/ResearchersAcknowledgement.html
• eBay Security Researchers’ page: http://pages.ebay.com/securitycenter/Researchers.html
• Twitter WhiteHats, 1st February 2012 https://twitter.com/about/security
• Microsoft Security Response Centre, 26th January, 2012http://technet.microsoft.com/en-us/security/cc308589

About RandomStorm                                                                                                 

RandomStorm is a UK-based network security company, focused on providing enterprise-level, proactive security management tools and services. The company's core products include: xStorm, an online perimeter vulnerability scanning service; iStorm a network security appliance that provides in-depth scanning of the entire corporate network topology; StormProbe an intrusion detection solution (IDS) with intelligent event correlation that alerts companies when critical assets are at risk and AirStorm, a cloud, or appliance-based IDS, to protect corporate wireless infrastructure.

These core products are supported by a range of complementary monitoring, alerting and remediation services developed under the RandomStorm Open Source Initiative.

RandomStorm is a CESG CHECK security consultancy and both an Approved Scanning Vendor and a Qualified Security Assessor for the Payment Card Industry Data Security Standard (PCI DSS).

For further information please visit: http://www.randomstorm.com

Further information (external website)