Bug Bounty consulting

With more than 3 years of experience, I had the opportunity to study several aspects of this industry:

  • As a full time bug hunter, I am pretty familiar with their expectations: What they look for, what are their problems, what make them more involved…

  • As a consultant, I work with platforms to solve the common problems in a relationship with hackers and handle the daily. Support the customers, manage the reports, keep hackers on the right track…

  • As a consultant, I help companies to manage their program. How to choose a scope, how to create a reward policy, what are SLAs…

  • As this list shows, I spent time to study the main platforms available on the current market. Depending of some criterias (size, country, law…) some of them probably fit better to your business.

In a nutshell my goal is to help all actors in the bug bounty industry to be successful and develop the programs on the long term. See my bug bounty overwiew on Google docs.

Whether for a first step or for any question about an already running security program, feel free to contact me by e-mail: g[at]10degres[dot]net

Security audit

Specialized in LAMP models, I perform security audits on websites using those technologies, on site or remotely. The time required mainly depends on the size of the perimeter of the test, basically how many pages/scripts/functionalities are concerned.

After the audit you will get a report resuming the checks performed and the issues found. Because of my developer background, I am able to understand how to fix them and potentially help in this task.

For any question, feel free to contact me by e-mail: g[at]10degres[dot]net