RandomStorm researcher makes bid for better security on eBay
Security management and compliance company, RandomStorm, has been named on the eBay Responsible Disclosure Acknowledgement Page for discovering and reporting a security vulnerability to the online auction website.eBay periodically acknowledges independent security researchers that help to make the site safer for users by reporting potential security issues.RandomStorm security researcher, Avram Marius Gabriel (Twitter @SecurityShell), contacted eBay after discovering scripting issues that could have allowed the site to be subjected to an XSS attack. The disclosure allowed eBay to resolve the issue before the vulnerability could be exploited by hackers or cyber criminals.RandomStorm security engineers regularly test popular online applications and public web platforms and report any issues to the relevant companies, so that they can make them safer for their users. The company has also been named among the Twitter White Hats; in the Microsoft Security Response Centre; and the latest Google Hall of Fame.Andrew Mason, Technical Director and co-founder of RandomStorm, commented, "This latest accolade demonstrates the first rate skills of our security engineers in identifying and helping to close any security loopholes that could be used by hackers to gain access to company databases and customer information. With the prospect of tough data protection sanctions being introduced throughout Europe, it is important that organisations continue to work with independent researchers to make their web-based applications more secure."RandomStorm provides vulnerability scanning and intrusion detection services to help public and private sector companies to improve their security posture and comply with industry guidelines and data protection regulations. The company is a CESG CHECK security consultancy and certified as both an Approved Scanning Vendor and Qualified Security Assessor by the Payment Card Industry Security Standards Council.