Over the years I have given a couple of interviews and made press appearances to comment on random security topics. Aside from my blog posts, I find these resources some of the best ways to get to know me better and hear my thoughts on various topics.
For a comment regarding a news story or independent verification, please contact me via email.
Press appearances
2022
- watson (π¨π): Eine simple Idee soll das Internet sicherer machen (August 2022)
- Tweakers (π³π±): Security.txt wil orde brengen in de chaos van responsible disclosure (May 2022)
- SecurityWeek: IETF Publishes RFC 9116 for ‘security.txt’ File (April 2022)
2021
- KrebsOnSecurity: Does Your Organization Have a Security.txt File? (September 2021)
- The Daily Swig: ‘Soft skills are the most under-researched area of the bug bounty industry’ β ‘Reconless’ YouTubers on filling a gap in infosec education (June 2021)
2019
- TechCrunch: Parallels’ KeyGenie lets you play for a free product key, but you canβt ever win (August 2019)
- ZDNet: CI build logs continue to expose company secrets (May 2019)
- The GitHub Blog: Five years of the GitHub Bug Bounty program (February 2019)
2018
- Threatpost: Facebook Now Offers Bounties For Access Token Exposure (September 2018)
- Bleeping Computer: Cloud Product Accidentally Exposes Users’ TLS Certificate Private Keys (August 2018)
- Threatpost: Microsoft Bounty Program Offers Payouts for Identity Service Bugs (July 2018)
- Threatpost: Navigating an Uncharted Future, Bug Bounty Hunters Seek Safe Harbors (July 2018)
- ZDNet: GitLab fixes security issue that let anyone hijack custom domains (February 2018)
- The Register: Bug-finders’ scheme: Tick-tock, this techβs tested by flaws.. but who the heck do you tell? (January 2018)
2017
- Bloomberg: Uber Hack Shows Vulnerability of Software Code-Sharing Services HTML (November 2017)
- Security Intelligence (IBM): The Telltale Text File: Security Researcher Proposes Standardization for Reporting Vulnerabilities (September 2017)
Interviews
2020
- Intigriti: Bug Business #1: Inside Logic Flaws with EdOverflow (February 2020)
2019
- PentesterLand: How to think out of the box with @EdOverflow (March 2019)
- Detectify: Meet the Hacker: EdOverflow, motivated by community and knowledge sharing (March 2019)
2018
- HackerOne: Hacker Interviews: Edwin Foudil (EdOverflow) (April 2018)
- Bug Bounty Forum: AMA with @edoverflow (March 2018)
- Yes We Hack: Interview of EdOverFlow : Bug Hunter & mastermind of security.txt (February 2018)
2017
- HackerOne: Hacker Q&A With EdOverflow (December 2017)
