Diese Website verwendet Cookies, um das Angebot nutzerfreundlicher und effektiver zu machen. Mit der Nutzung dieser Website stimmen Sie der Verwendung von Cookies zu.Weitere Informationen über die Verwendung von Cookies und die Möglichkeit der Verwendung von Cookies zu widersprechen, finden Sie hier.
Crowdsourced Vulnerability Discovery from the World’s Best Ethical Hackers
The unstructured testing methodology of Synack’s Crowdsourced Vulnerability Discovery (CVD) mimics reallife attack methods that are used by criminals to exploit vulnerabilities. Our elite crowd of security researchers, the Synack Red Team (SRT), is unleashed through a secure platform to test all client assets within scope and submit reports on their findings. SRT researchers are incentivized to find critical, high-impact vulnerabilities through a managed bug bounty model (in contrast to a time-and-materials model offered by traditional pen tests). This testing methodology addresses the weaknesses of defense-in-depth strategies that only prevent signature-based attacks.
1. CVD starts with a recon phase powered by Hydra, Synack’s automated reconnaissance and vulnerability scanning tool. Hydra boosts the efficiency of the SRT by delivering all the information a hacker might need to prosecute a target.
2. With intelligent scanning in place, SRT researchers probe defenses via LaunchPoint, Synack’s secure gateway technology. All SRT members conduct their research through LaunchPoint to give customers visibility and oversight over all testing activity. Not only does CVD produce vulnerabilities, it also provides valuable insights into adversarial attack patterns, guiding customers to direct their defenses to high-risk areas.
3. The Synack Mission Ops team verifies that vulnerabilities submitted by the SRT are valid before a client sees them. This protects time-strapped security teams from wasting manpower on false positives.
Synack is redefining traditional models of security testing through revolutionary technology and innovative thinking. Synack's aim is to provide customers a scalable, continuous, platform powered by the world's elite security researchers that uncovers security vulnerabilities that often remain undetected by your existing pen testers and scanners. Protecting the likes of Santander, Dominos and the DoD, we're enabling some of the largest organizations in the world to fix security holes in their digital assets before criminal hackers exploit them.
With headquarters in Redwood City, California, Synack is a global organization with offices around the US, UK, The Netherlands, Germany, Austria, Switzerland, and France. Our elite crowd of researchers represent over 40 countries around the world.