Imagine you are taking a stroll in your neighborhood and you notice that backdoor of one of your neighbor is wide open. You being the good Samaritan would ring their bell and tell them, right? I know you will. You will do this because you know that the world is not all sunshine and rainbows and there are chances of something terrible happening if that door is left open.
Now, what will you do if there is no bell to ring? Being the good person that you are, you would still knock their door. If they don’t answer to a few knocks, you have better things to take care of than an open backdoor of a person who seems least interested in the security of their home.
Something similar happens with thousands of websites daily. A good person finds a vulnerability, they want to report it, but they don’t get any appropriate channel and then the vulnerability is left open wide for anyone to access and take advantage. I don’t think you would want to be the one who is not conscious of their security.
Yeah, but locking a door is different from securing a website. Installing a bell is different from managing the vulnerabilities that hackers report. Yes, I hear you, and I agree. This is where Astra’s Community Security Program comes to your rescue.
With Astra’s Community Security Program, you give hackers a safe and secure way to report any vulnerability that they find on your website. There goes installing the bell. And now, you may not be expert at validating the vulnerability, so we do that for you. First, our security experts verify all the vulnerabilities that are reported, and then only the valid ones are sent to you. So you get zero false positives.
How do I get started with Astra Community Security?
Someone’s getting excited here. Within 5 minutes and without writing a single line of code, you can create your own Community security page. You need to login to your dashboard (create an account now if you already haven’t) and click on “Community Security” in the top bar. From here follow these three simple steps –
1. Enter your website URL, upload your logo and choose a unique link for your page.
2. Decide what kind of rewards you would want to give to people who report valid vulnerabilities. Review the program policy, we have written a standard one for you, and you are free to change it according to your needs.
3. Publish your page and you are done. Add “Report a Vulnerability” link in your website footer and Contact Us page.
Great, what’s the cost involved?
How can we charge good samaritans like you! Setting up your community security page is absolutely FREE. The number of bug validations by our security engineers will have a maximum cap according to your plan.
Increase your website’s security by crowdsourcing it. The best minds across the world will now help you make sure your website is super secure. Build trust in your brand, get to be known as a security conscious company.
Ujwal Ratra
