top | item 44378064

(no title)

keisborg | 8 months ago

«XBOW submitted nearly 1,060 vulnerabilities. All findings were fully automated, though our security team reviewed them pre-submission to comply with HackerOne’s policy on automated tools»

That seems a bit unethical. I’ve thought companies specifically deny usage of automated tools. A bit too late ey…?

discuss

8200_unit|8 months ago

They acknowledge that in the article and all submissions are human reviewed before they are submitted.

keisborg|8 months ago

The policies states it’s not allowed to use automated tools, not to submit report using automated tools alone. Human review does not really change that.