
IDG Contributor Network: The Oracle blog mess is missing a global business perspective

Discussion in 'CSO' started by RSS, Aug 17, 2015.

  1. RSS


    A recent blog post written by Oracle’s CSO caused a heavy storm in the infosec industry. Many people (mis)understood the blog post as a direct attack against security researchers, crowd vulnerability hunting and all sorts of Bug Bounties in general.

    Eduard Kovacs compiled a great summary of industry reactions to the event in his article last Friday. On the Internet, the debate was mainly reduced to a “pen testing vs. bounties” Holy War and discussions about the legal consequences of EULA violation. “Radicals” from both sides of the barricades poured oil on the flames, some by recommending the restriction of any type of security research and jailing any perpetrators, others by calling on the community to release zero days in the wild for revenge. Both approaches are far from being constructive, and will hardly improve global Internet security.
