Risky Business #62 -- Hacking Salesforce.com for fun and profit

Previously on Risky Business...
13 May 2008 » Risky Business

This week's Risky Business podcast is brought to you by Check Point Software and hosted, as always, by Vigabyte virtual hosting.

In this week's show we speak to one of the pioneers of cash-for-vulnerability business practices -- David Endler. He's the director of TippingPoint's DVlabs and the founder and chairman of the VoIP Security Alliance. He popped by to talk about the latest trends in bug shopping.

Of particular interest is what Endler has to say about buying bugs in software-as-a-service applications like Salesforce.com. While TippingPoint would look at buying vulnerabilities in online applications, he doesn't want to be seen to be encouraging any law breaking. It's a bind!

On this week's podcast:

  • ZDNet Australia editor Munir Kotadia discusses the week's news with host Patrick Gray
  • TippingPoint DVlabs director David Endler discusses the market for software as a service bugs
  • Check Point's Steve MacDonald drops by to share his perspective on recent comments made by RSA Security's president Art Coviello in this week's sponsor interview