Member Article

Wetherby bug busters win PayPal recognition

Wetherby-based security management and compliance company, RandomStorm, has announced that PayPal has named one of its security engineers among the top ten web security researchers on its latest ‘Wall of Fame’ and another among its ‘Honorable Mentions’.

PayPal runs a ‘Bug Bounty’ scheme and regularly publishes a list of independent security testers who have discovered and disclosed web security vulnerabilities, to help make the site safer for customers’ transactions.

Selection of the top ten researchers is based on the severity of the issues identified; discovering and reporting the most interesting vulnerabilities and submitting a high percentage of valid bugs.

RandomStorm’s Avram Marius Gabriel is a web application security specialist and has been testing the PayPal website for a number of years. This is the first time that he has been named among the top ten researchers.

Another RandomStorm researcher, Ryan Dewhurst, has been listed on PayPal’s Honorable Mentions page. In April, Ryan was named as the Rising Star in the SC Magazine Europe Awards 2013, in recognition of his contribution to improving computing security and raising awareness and understanding of information security risks.

PayPal is one of a growing number of website operators who run bug bounty schemes that reward independent researchers for alerting them to vulnerabilities. Bounty schemes help web companies to keep up with the latest cyber threats and remediate issues before they can be exploited by hackers.

Andrew Mason, technical director and co-founder of RandomStorm commented: “We congratulate Avram and Ryan for gaining further recognition for their web security testing.

“It is particularly gratifying to see one of our team take the top spot on PayPal’s latest Wall of Fame.

“The independent research that our web security specialists undertake, as part of bug bounty schemes, keeps their skills sharp and helps them to perform more in-depth pen tests on behalf of all of our clients.”

RandomStorm provides vulnerability scanning and intrusion detection services to help public and private sector companies to improve their security posture and comply with industry guidelines and data protection regulations.

The company is a CESG CHECK security consultancy and certified as both an Approved Scanning Vendor and Qualified Security Assessor by the Payment Card Industry Security Standards Council.

This was posted in Bdaily's Members' News section by Mark Lane .