Ask HN: Security audit for startup / OSS projects
I run a startup whose code is public and I'd like to have the code audited for vulnerabilities, does anyone know of services that exist to do this that aren't enterprise focused? Even HackerOne has gone full-enterprise in recent years, but it's not only large companies that need these services.
9 comments
[ 1.6 ms ] story [ 27.6 ms ] threadhttps://www.nccgroup.com/uk/
We are young energetic team, who had already done secure Code review to many startup's.
HackerOne has a free offering for open source projects. ^^
Let me know if you have any questions (I manage it). :-)
But really if you have a ci cd pipeline you should look at automating a lot of this. Devsecops.
If you post a link and I get time I can take a look.