It achieves this goal by matching application fingerprints against a database of known web application fingerprints. Web application fingerprints: Several months ago, we added new web application fingerprinting capabilities to Tsunami that detect popular off-the-shelf web applications.
All plugin contributions will be reviewed by our panel members in Google's Vulnerability Management team and the reward amount will be determined by the severity as well as the time sensitivity of the vulnerability. Vulnerability detection plugins: In order to expand Tsunami scanner's detection capabilities, we encourage everyone who is interested in making contributions to this project to add new vulnerabilities detection plugins.We hope this program will allow us to quickly extend the detection capabilities of the scanner to better benefit our users and uncover more vulnerabilities in their network infrastructure.įor this launch, we will accept two types of contributions:
FINGERPRINT PROGRAM PATCH
Participants in the program will receive patch rewards for providing novel Tsunami detection plugins and web application fingerprints. Today, we are announcing a new experimental Patch Reward Program for the Tsunami project. In the last several months, the Tsunami scanner team has been working closely with our vulnerability rewards program, Bug Hunters, to further improve Tsunami's security detection capabilities. One year ago, we published the Tsunami security scanner with the goal of detecting high severity, actively exploited vulnerabilities with high confidence. Posted by Guoli Ma, Sebastian Lekies & Claudio Criscione, Google Vulnerability Management Team
0 kommentar(er)
