Thanks Harry, that’s a really good idea! I’ll add that to my list :)

(P.S. Love your book BTW I give it to all of my juniors :) )

> On 3 Jul 2023, at 18:48, Harry Percival <harry.perci...@gmail.com> wrote:
> 
> Have you considered bug bounty programmes? I think we used HackerOne back in 
> the day and got a few actionable fixes out of it, without ever spending too 
> much money.
> 
> Iirc we'd pay out like $50 for little things that were arguably not real 
> vulns but just missing best practices (rate limiting password reset requests 
> was an example iirc? Bit worried someone will jump on me saying how insanely 
> important that is lol) - the kinds of things you can find with an automated 
> tool and minimal actual effort from the pentester -- and 10x that (or more? 
> Can't remember. In any case I'm guessing H1 have suggested payouts) for "real" 
> bugs with PoC.
> 
> You did have to deal with a bit of spam but overall it was worth it.
> 
> Hp
> 
> 
> 
> On Mon, 3 Jul 2023, 14:22 SW, <walke...@hotmail.co.uk> wrote:
>> I can also add https://istormsolutions.co.uk/ - I have a friend who 
>> works there, though I've not used their services myself.
>> 
>> Thanks,
>> S
>> 
>> On 03/07/2023 15:03, Gautier Hayoun wrote:
>> > Hi William,
>> >
>> > I have dealt with Callum at Sencode (https://sencode.co.uk/) recently. 
>> > They are a small company based in the UK, and I was perfectly 
>> > satisfied with their pen test of a Django web application.
>> >
>> > Best,
>> >
>> > Gautier
>> >
>> > On 03/07/2023 13:55, William Mayor wrote:
>> >> Hi!
>> >>
>> >> This isn’t exactly on topic, but I’m running out of leads on this 
>> >> one. Any help is appreciated :)
>> >>
>> >> I’m looking for a penetration/security testing company that can help 
>> >> me with a product that we’re building. It’s an API (written using 
>> >> FastAPI, so there is a python link in here :) ), with web and native 
>> >> app front ends.
>> >>
>> >> I’d like to have some kind of certified test conducted, to find all 
>> >> the security edge cases that I’ve undoubtedly missed.
>> >>
>> >> We’re a small company (a social enterprise), so our budget isn’t great.
>> >>
>> >> So my question is, does anyone have any recommendations for a pen 
>> >> testing company that could help?
>> >>
>> >> Thank you!
>> >>
>> >>
>> >> _______________________________________________
>> >> python-uk mailing list
>> >> python-uk@python.org <mailto:python-uk@python.org>
>> >> https://mail.python.org/mailman/listinfo/python-uk