Synack Red Team

DEF CON is less than two weeks away! ⚡ We're a proud sponsor of this year's Bug Bounty Village 🐞, where you can expect to meet many of the world's top ethical hackers. Best of all, they'll be sharing their #cybersecurity insights. Hope to see you there: hubs.ly/Q03yVBGT0

Synack Red Team member Yeasir “zy1l0i2u” Arafat discovered a cross-site scripting vulnerability in SAP Concur Open that could be exploited to hijack sessions, exfiltrate data and more. Follow along as he walks us through his discovery of this vuln → hubs.ly/Q03jWHCS0

💭 It all started during an assessment of a web application. In the latest Exploits Explained, Synack Red Team member "nerrorsec" recounts the discovery of a DOM-based XSS vulnerability that was patched…and then found in another product from the same company a year later. Interested in reading more? Follow along → hubs.ly/Q03gXrdc0 #cybersecurity #pentesting #infosec

👀 Synack Red Team member Busra (@turakbusra) walks us through her discovery of an access control violation vulnerability that led to account takeover. Follow along → hubs.ly/Q03fZ7fR0

🪖 From military to private sector cybersecurity, Synack Director of Infrastructure and Security Operations Todd Humes brought his unique skill set to the table when he joined the team in 2018 to further strengthen Synack’s systems globally. The innovative vision behind Synack and the vision of aligning the power of highly skilled and vetted researchers on a single platform deeply resonated with him. Why should veterans with cybersecurity experience consider joining the Synack Red Team (SRT)? Read on → hubs.ly/Q037gv0p0 Apply to the SRT today → hubs.ly/Q037gjM00

👾 The OWASP Foundation introduced a new version of the OWASP Top 10 for Large Language Model Apps. While there’s no one-size-fits-all solution for security, having the @SynackRedTeam on your side certainly helps. Read on → hubs.ly/Q035Nx3f0.

💭 Default credentials are a thing of the past, right? Wrong. Follow along as Popeax, a Synack Red Team member, explains why they still plague organizations today and how the Synack Platform can help discover these vulnerabilities in ways that cannot be replicated by scanner or automated solutions. Check out this previous Exploits Explained here → hubs.ly/Q034vNWv0

☃️ Synack wishes you and yours a wonderful holiday season filled with festive cheer, loved ones, family and friends! We’re proud to keep our customers secure this season as people unwind, relax and ring in the new year. Happy holidays!

Happy Thanksgiving! Whether you’re gathering with loved ones, friends or family, we hope your holiday is filled with fantastic food and memories. At Synack, we’re thankful for all of our incredible employees, customers, partners, Synack Red Team and more.

👀 SRT member William W. (@phyr3wall) discusses his discovery of a notable problem in a chatbot deployed on a platform associated with a large healthcare insurance company. Read on for an in-depth analysis of the techniques used to uncover this vuln → hubs.ly/Q02YMj1s0

👩🏽‍💻 The Synack Red Team’s very own Jennifer Villarreal joined the latest installment of the WE’RE IN! podcast, sharing her personal journey into the world of ethical hacking. Give it a listen → hubs.ly/Q02QBvr-0

Adiós, Las Vegas! We had a blast this past week. Don’t forget to check out the Synack Red Team for part-time hacking opportunities. We also have several SRT Pathways that can speed up the application process. 👀 To learn more, click here → hubs.ly/Q02KTWhs0

👀 Don't miss out! Swing by Creator Stage 4 at 2:00 p.m. at @BugBountyDEFCON

Learn from a full-time bug bounty hunter, with tips, tricks and real-world examples. "Reflections on a Decade in Bug Bounties: Experiences and Major Takeaways" by Nikhil Shrivastava (@niksthehacker) and Charlie Waterhouse! 📅 Friday, Aug 9 ⏰ 5 PM 📍 Creator Stage 4

Uncover corporate banking vulnerabilities at #DefCon! 🚨🔍 See how researchers hacked global banking systems & found critical flaws. Perfect for #securityprofessionals, #researchers and #redteam experts. 📅 Aug 9, 12:30 PM 📍 AppSec Village 🔗 hubs.ly/Q02K8wr-0

👀 📣 #SRTBookGiveAway Find us after the @BugBountyDEFCON Community Leaders Panel @ 11:00 a.m. (hubs.ly/Q02K8ypf0) and use #codewordFirefly to win one of 10 copies of @redteamfieldman by Clark/Downer #WhileSuppliesLast

Got #TSSCI? Swing by the @BugBountyDEFCON booth to discuss #PublicSector #hacking opportunities on Synack’s FedRAMP Moderate Authorized platform! Apply today → hubs.ly/Q02K8yVc0

Thank you @SynackRedTeam and @ArtemisRedTeam for having me as a panelist for Women in Cyber - Networking breakfast! It was so amazing connecting with everyone! ❤️ #synack #BlackHat2024

It’s been a fabulous few days here at @BSidesLV! So many great stories and knowledge shared. Don’t forget to check out the Synack Red Team for part-time hacking opportunities. Visit hubs.ly/Q02K8BlF0 #TSSCI #PublicSector #FedRAMP

👀 📣 #SRTBookGiveAway – Be the FIRST to follow the Synack Red Team (on LinkedIn or X) and mention #codewordSCORPION at our @BSidesLV booth to win a copy of #TheHackerPlaybook by Peter Kim.