All articles by Pierre Rambaud
-
Bug Bounty Program, the retrospective
When hunters make your business safer!
For several months, we experimented a Bug Bounty Program with the YesWeHack platform. Here is a retrospective, explaining why we did it, and what happened during this period.
Continue reading
-
Announcing our first Bug Bounty program
It's time to make PrestaShop better and safer that it already is!
Protecting the business, data and privacy of PrestaShop’s users is one of our top priorities. We build our software with this goal in mind. That’s why we decided to put our security to the test. To encourage the security community to help us, today we are announcing our first bug bounty program!
Continue reading
-
We were at Google's CMS Security Summit 2020
PrestaShop continues working together with Google and the top CMS vendors for a safer web.
Once again, open source CMSs Security leads shared knowledge together last February at an event organized by Google in Munich.
Continue reading
-
Security issue with PHPUnit, post-incident analysis
The mysterious development dependencies!
Early January, we encountered a security issue with PHPUnit in some modules that allowed attackers to perform arbitrary code execution without authorization through the PHPUnit dependency. This vulnerability was discovered through a merchant whose shops were compromised.
Continue reading
-
Open Question: What about not committing generated files anymore?
Let’s talk assets, we want your opinion!
This post is the first of a new kind. We decided to open up more with you about technical questioning and decisions for the PrestaShop project. This one is about generated asset files.
Continue reading
-
We were at the CMS Security Summit with Google
Security is very important for PrestaShop
PrestaShop and other open source CMSs are working together to improve the security of websites.
Continue reading