AlientVault has a responsible disclosure policy so I experienced it and wanted to test their web application related to security vulnerabilities. I was a little occupied nowadays so I scarcely managed time and began testing their web applications and just engaged with their primary domain. As few of my different companions got recognized from AlienVault and I also wished to don't miss that open door.
After doing a security test I established a couple of vulnerabilities in the meantime and reported it to the security support team without wasting time and get their response in ten days. Thank you for sharing your findings. We have just issued a security-test on this domain, so we will take this into considerations while performing the research.
Following a couple of more days, I approached them for updates and they replied, Thank you for contributing in AlienVault's responsible security disclosure process. Please accept that certificate of appreciation as an honour.
On October 30th, 2017 AlienVault launched a program on HackerOne. I reported the same issue to AlienVault through HackerOne and in the next couple of days they marked this report as resolved by following the issue utilizing HackerOne. I got listed in AlienVault's security researchers Hall of fame as HackerOne policy.
It's not finished by any stretch of the imagination, because it is minimally occupied nowadays and so I was unable to test their web application completely. I will require some time and will retry an infiltration testing to chase some more and high :D
Top comments (0)