Salesforce 블로그
2021년, Salesforce가 제품에 "무단 침입"한 해커들에게 280만 달러를 지급한 이유
의아해 보일 수도 있지만 실제로 해커들은 Salesforce가 고객의 데이터 보안을 유지하는 데 도움이 됩니다. 2021년 한 해에만 Salesforce는 시스템 보호에 도움을 준 윤리적인 "바운티" 해커들에게 280만 달러를 지급했습니다.
책임 공개를 하려면 책임 공개 정책에 대해 자세히 알아보십시오. Salesforce, 저희 고객, 사용자를 대신하여 다음 조사자들의 노고에 감사를 표하고 싶습니다.
뛰어난 조사 기여도
가장 공격적인 버그 바운티 해커
지난 일 년 동안 Salesforce 버그 바운티 프로그램에 위험도가 가장 높은 취약점 5가지를 보고한 버그 바운티 조사관을 가장 공격적인 버그 바운티 해커로 선정했습니다. Salesforce 보안 직원들은 Salesforce의 가장 중요한 가치인 신뢰 유지에 기여해준 조사관을 선출하기 위해 소중한 한 표를 행사했습니다.
2023년(~3월)
버그 바운티 조사관
0xd0m7, analyz3r, anupamas01, bradleyjkemp, d0xing, d3f4u17 , djurado, dz_samir, fozgrkuggs3t, freesec, goldenstone, hafolife, hazimaslam, holybugx, jatindhankhar, juji, kcho, krevetk0, le0w4ng, m0chan, mateuszek, michael1026, micr0mind, mikey96, mooimacow, mrrajputhacker2, naaash, nickslow, none_of_the_above, pesticide, proabiral, realtess, rg0x01, root_kn1f3, rz01, s1ber, svennergr, todayisnew, xpx, yuvraj_dighe
2022
버그 바운티 조사관
0ang3el, 0x01alka, arneswinnen, d0xing, derision, djurado, dz_samir, edivan, hazimaslam, honoki, inhibitor181, jinOne, krevetk0, m0chan, madinmars, melar_dev, michael1026, nadino, nagli, nbabii, ngocdh, p4fg, proabiral, ramsexy, ras-it, rz01, seifelsallamy, stealthy, svennergr, thecaffeinefix, todayisnew, tolo7010, try_to_hack, wirtha, youstin, zonduu 0xd0m7, 0xelkot, afewgoats, ahmedehane, ajxchapman, ak1t4, akshyyaksl337, amad3u6, amaljacob, amsda, analyz3r, anandpingsafe, andi, andrewrusso, ansariosama, anupamas01, assassin_marcos, avezkhan, avram, bombon, brdoors3, bugra, caffeinefix, cakiki, chermysl, cocoh__23, codermak, comwrg, cyb3rz0n3, cygut, d0nut, d3f4u17, dirtycoder, dkd, dragonjar, egrep ehshahid, en_ahsanali, enzyro, fr4via, fracturedninja, fransrosen, freesecgofunc, h4x0r_dz, hackit0, hafolife, hailstorm1422, hk755a, hoangn14, holybugx, holyfield, homosec, hulk, huyngoc, hx01, ian, ignaciosarobe, imajes, imgnotfound, imnarendrabhati, iqbal_007, isimsiz, juji, kadusantiago, kotko, krynos, lehtu, m7mdharoun, malcolmx, manish_adz, mateuszek, melbadry9 michau, micr0mind, mikey96, mikkocarreon, mitchellwright, mr-hakhak, musab_alharanynaaash, naif_ksa, niraeth, none_of_the_above, not_stoppable, oxbo, pablofacciano, pankaj_kumar, paulcalabro, pesticide, polem4rch, realtess, recon_ninja, renekroka, rg0x01, rijalrojan, roberto99, rreiss, s3rdz0, s_p_q_r, salh4ckr, samlyhin, samux, shaikhyaser, sheikhimmi, sheikhrishad0, simontang, smaul, smitgharat0001, snorlhax sp00ka7x, spaceraccoon, stevenandres, th3g3nt3lman, txt3rob, villagelad, violet, vp40, w--, w2w, xsam, yuvraj_dighezanderziot
독립 조사관
2021
버그 바운티 조사관
0ang3el, 4lemon, afewgoats, ahmedehane, ak1t4, ali, amalyoman, amsda, ankitsingh, ansariosama, arneswinnen, asad0x01, ateek, bitsscrambler, bobrov, bubbounty, cdl, d0xing, d4rkm4tter, debsec, discodamone, diskodingo85, djurado, dkd, dz_samir, egrep, erbbysam, g003e, hazimaslam, honoki, hritiksh, indoappsec, inhibitor181, kaktaktoa, kcho, kirtan_patel, kotko, krevetk0, lucio, m0chan, m1s13ksnk, melar_dev, metnew, michael1026, mikee, nadino, nagli, nanwn, ngocdh, niemand_sec, nnez, node1, none_of_the_above, not_stoppable, p4fg, patrik, pnig0s, preben, proabiral, ramsexy, randomdeduction, ras-it, rhynorater, securitybreaker, sergeym, sheikhimmi, shubs, skavans, sml555, smsecurity, spaceraccoon, stuxnite, svennergr, tbehroz, the_arch_angel, todayisnew, tolo7010, try_to_hack, w--, w2w, wirtha, yaworsk, zonduu
독립 조사관
2019 -2020
0xd0m7, 0xcaptainfreak, 4bg0p, 0ang3elakhilmm, alexeypetrenko, alfazero, alittleninja, amontes, ankitkrdixit, ankitsingh, annunaki, anonym0us_py, anshuman_bh, apox, appsecure_in, arl_rose, arneswinnen, asad0x01_, ashish_r_padelkar, ateek, bejaminkm, bobrov, brdoors3, bubbounty, bugbasher, bughunterboy, c1231665, cdl, charityhackers, charlieeriksen, chernobyl, cmd-0_0, constructor2019, cr4xerbik4sh, cyb1, d0nut, d3n0, dataalchemist, delisyd, derision, dhakal_ananda, dkd, dvl, dz_samir, edoverflow, eelsivart, egrep, erbbysam, fishofprey, foobar7, frozensolid, goravseth, gujjuboy10x00, hack_all_things, hackdev16, harisec, hazimaslam, hdbreaker, httpsonly, indoappsec, inhibitor181, intidc, isecurity, jackds, jahin0x01, jepatel, jllis, jong_jong, jsadler01, kapytein, kasperkarlsson, kazan71p, kcho, khizer47, kusl, lagertha, lfb, linkks, luied1920, m7mdharoun, mantis, mattaustin, metnew, michael1026, mikee, mlitchfield, moshemiz, mr_r0w07, narenp, neema, ngalog, ngocdh, nih8l, none_of_the_above, nullboy, p4fg, paresh_parmar, pcastagnaro_sfdc, pen3t3r, piyushmalik, pnig0s, poutine_hero, prateek_0490, protector47, psaux, pufo, pxh3, quanyang, r0x33d, ramsexy, randbug101, randomdeduction, randomusername, ras-it, redguard, rijalrojan, ris, rubyroobs, rudnkh, ruvlol, rz01, samux, securitybreaker, securitythinker, sergeym, shahmeer-amir, shailesh4594, shepard, silenthunter, skavans, slechjke, smaury, smiegles, smsecurity, sniper302, sp1d3rs, stok, streaak, strukt, sub_super, suhas_gaikwad, sunil_yedla, sysecure, ta8ahi, tahaismail9, techguynoob, todayisnew, tolo7010, tophersmith116, try_to_hack, trying_to_hack, txt3rob, ubepkr, vinothkumar, vp40, vulnh0lic, wh11tew0lf, whitehatter, wirtha, yashrs, yotamc19899, z0mb13, zapprising, zephrfish, zeroflaw, zigoo0, ziot
2017 -2018
Ervin Weber, Priyanshu Sahay, Elamaran V(BHEL Trichy), TechguySarath, Fredrik Almroth, David Dworken, Karim Valiev, Ankit Mittal, Chris Bland, Ruby Nealon <rubyroobs>, Andrew Leonov, Arne Swinnen, Anand Prakash, Guilherme Cesar Leite, Moataz Jemni, Hussain Adnan Hashim, Peter Yaworski, Ben Buechner, Ian Bouchard, Jubaer Al Nazi, Missoum Said, Yaala Abdellah, Samir Hadji, Evgeniy Yakovchuk, Karl Aparece, Hazim Aslam, Daniel Ballinger, Deepak K, Pier-Luc Maltais, Sergey Bobrov, Deepanker Chawla, Ahsankhan, Mohammed Fayez Ahmed Albanna, Elamaran V, Muhammad Khizer Javed, Iordache Cosmin, Muhammad Hassham Nagori, Gujjuboy10x00(Vishal), Osama Ansari, Prakash Sharma, Marius Horatau, Johnny Nipper, Simon Bräuer, TechguySarath, Tomi Koski, Ashish Padelkar, Stanko, SPQR, Sandeep Singh, Jens Müller, Waleed Ezz Eldin (WIBF), SecuNinja, Darshit Varotaria (Krydence Technologies -Trusted Digital Security Ally), Ankit Mittal
2016
Hadji Samir, Char49, Eusebiu Blindu, Peter Yaworski, Abdul Haq Khokhar, Abdul Rehman, Mustafa "strukt" Hasan, Frans Rosén, Yassine ABOUKIR, Raghav Bisht, Nikhil Kumar Srivastava, Jay Patel, Sagar Shah, Stefano Vettorazzi, David Vieira-Kurz (@secalert), Sasi Levi, Sandeep Singh, Artur Czyż, Ajay chavda, Matvejs Mascenko, Max Prietzel, Nightwatch Cybersecurity, jay k patel, Muhammad Hassaan Khan, Stephen Sclafani, Kacper Kwapisz, Seif Elsallamy, Arie Timmerman, Abhinav Karnawat \/ w4rri0r \/, satish bommisetty, Noriaki Iwasaki, harisec, Max Moroz, Dzmitry Lukyanenka, Deepanker Chawla, Nassim Bouali, Jose Luis Zayas Banderas, Teemu Kääriäinen, Issam Rabhi, Vathsa, Abdullah Hussam, psych0tr1a, PsihoZ26, Mustafa Hasan (strukt), Luciano Corsalini, Fizer Khan, Paulos Yibelo, Avram Marius Gabriel, N B Sri Harsha, Mathias Karlsson, Arsiadi Sriyanto, Cîrjă Florinel-Vasile (Quistertow), Darius Petrescu, Tomasz Bojarski, Pranav Hivarekar, Santiago "Mr Hack" López, Muhammad Asim Shahzad, karthickumar (Ramanathapuram), Yasir Altaf Zargar, Nitin Goplani, Hazim Aslam, Nicolas Grégoire, Jigar Thakkar (Akhani), SPQR, Benjamin Kunz Mejri, Jelmer de Hen, Ahmed Aboul-Ela, Arne Swinnen
미리 알림: 이 페이지는 매년 업데이트됩니다. 2021년부터 Salesforce에 타당성 있는 보고서를 제출하는 연구자에게 단독으로 보상을 제공하려고 합니다. 문제가 의심되는 경우 security@salesforce.com 으로 이메일을 보내 Salesforce 보안 팀에 의심이 되는 취약점을 자세히 알려주십시오.
