Leeds, 19th September 2013: Security management and compliance company RandomStorm has announced that PayPal has named one of its security engineers among the top ten web security researchers on its latest Wall of Fame and another among its Honourable Mentions.
PayPal runs a Bug Bounty scheme and regularly publishes a list of independent security testers who have discovered and disclosed web security vulnerabilities, to help make the site safer for customers’ transactions. Selection of the top ten researchers is based on the severity of the issues identified, discovering and reporting the most interesting vulnerabilities, and submitting a high percentage of valid bugs.
Avram Marius Gabriel (Twitter @SecurityShell) is a web application security specialist and has been testing the PayPal website for a number of years. This is the first time that he has been named among the top ten researchers. Another RandomStorm researcher, Ryan Dewhurst (Twitter @ethicalhack3r), has been listed on PayPal’s Honourable Mentions page. In April, Ryan was named as the Rising Star in the SC Magazine Europe Awards 2013, in recognition of his contribution to improving computing security and raising awareness and understanding of information security risks.
PayPal is one of a growing number of website operators who run bug bounty schemes that reward independent researchers for alerting them to vulnerabilities. Bounty schemes help web companies to keep up with the latest cyber threats and remediate issues before they can be exploited by hackers.
Andrew Mason, Technical Director and co-founder of RandomStorm, commented, “We congratulate Avram and Ryan for gaining further recognition for their web security testing. It is particularly gratifying to see one of our team take the top spot on PayPal’s latest Wall of Fame. The independent research that our web security specialists undertake as part of bug bounty schemes helps to keep their skills sharp, enabling them to perform more in-depth pen tests on behalf of our clients.”
RandomStorm provides vulnerability scanning and intrusion detection services to help public and private sector companies to improve their security posture and comply with industry guidelines and data protection regulations. The company is a CESG CHECK security consultancy and certified as both an Approved Scanning Vendor and Qualified Security Assessor by the Payment Card Industry Security Standards Council.
- PayPal Wall of Fame, Top Ten: https://www.paypal.com/webapps/mpp/security-tools/wall-of-fame
- PayPal Wall of Fame Honorable Mentions: https://www.paypal.com/webapps/mpp/security-tools/wall-of-fame-honorable-mention
- SC Awards Europe 2013, Professional Awards Finalists: http://www.scawardseurope.com/shortlist-2013
- SecurityPark, 29th February 2013, “RandomStorm researcher makes bid for better security on ebay”: http://www.securitypark.co.uk/randomstorm-researcher-makes-bid-for-better-security-on-ebay/
- PC Pro, 7th December 2012, “The life of a bug bounty hunter”: http://www.pcpro.co.uk/features/378577/q-a-the-life-of-a-bug-bounty-hunter
RandomStorm is a UK-based network security, vulnerability management and compliance company, focused on providing enterprise-level, proactive security management tools and services. RandomStorm’s experienced and certified security experts are able to offer customers a wide range of integrated world-class security vulnerability assessment and professional security services. Covering initial consultancy and gap analysis through to network and application testing, as well as managing clients’ business compliance accreditation process, RandomStorm aims to work with organisations to ensure that their security investment is fully optimised on a 24/7/365 basis.
RandomStorm’s core products are supported by a range of complementary monitoring, alerting and remediation tools and services developed under the RandomStorm Open Source Initiative.
RandomStorm is a CESG CHECK security consultancy as well as a Qualified Security Assessor (QSA) and an Approved Scanning Vendor (ASV) for the Payment Card Industry Data Security Standard (PCI DSS). Please visit http://www.randomstorm.com for further information.