科技回声

I run a startup whose code is public and I'd like to have the code audited for vulnerabilities, does anyone know of services that exist to do this that aren't enterprise focused? Even HackerOne has gone full-enterprise in recent years, but it's not only large companies that need these services.

<a href="https://vaultinfosec.com/contact.php" rel="nofollow">https://vaultinfosec.com/contact.php</a>We are young energetic team, who had already done secure Code review to many startup's.

You can find indy security people on Upwork.But really if you have a ci cd pipeline you should look at automating a lot of this. Devsecops.If you post a link and I get time I can take a look.

<a href="https://news.ycombinator.com/item?id=25381397" rel="nofollow">https://news.ycombinator.com/item?id=25381397</a>

<a href="https://www.hackerone.com/company/open-source-community" rel="nofollow">https://www.hackerone.com/company/open-source-community</a>HackerOne has a free offering for open source projects. ^^Let me know if you have any questions (I manage it). :-)

<a href="https://cure53.de/" rel="nofollow">https://cure53.de/</a><a href="https://www.nccgroup.com/uk/" rel="nofollow">https://www.nccgroup.com/uk/</a>

Ask on the infosec.exchange mastodon. There are plenty folks there contracting.

Check out a company which audited TrueCrypt.