Compass Security Blog

Offensive Defense

Bug Bounty: Insights from Our First-hand Experience

At Compass Security, we recently launched our managed bug bounty service. We openly invite hunters to probe our publicly exposed services for vulnerabilities. In return for their valuable feedback, we offer monetary bounties up to CHF 5000. This blog posts presents an interesting vulnerability found by a hunter on the bug bounty program of our subsidiary, Hacking-Lab.

Continue reading

Simulated Industrial Espionage with the Pwnie Express Device

The Pwnie Express is a device that is designed for remote security testing of corporate and federal facilities and can be used as an “All-In-One” hacking drop box, aiding the pentesters at Compass Security, to conduct “real world” industrial espionage simulations. http://pwnieexpress.com/ The typical penetration testing scenario is: 1) A Compass analyst manages to “social-engineer” […]

Continue reading