The Bugweek is a research activity wherein the security professionals in the company, from developers to exploit writers and QA analysts, dedicate an entire week to bug hunting. It is part of our Security Vulnerability Research project. Prior to the Bugweek, employees are invited to workshops about source code audit, fuzzing and webapps security (among other topics) to prepare for what lies ahead.

The results of the Bugweek are:

  • Developers learn about security problems, and gain a better understanding of where they can be found (and introduced!).
  • Developers test and improve their products, or the tools that they use.
  • Advisories are published about the security issues that were found.
  • Findings contribute to the larger security community.

See below publications related to Bugweek and a list of vulnerabilities discovered during the last Bugweeks.