Instagram User Token Impersonation: From discovery to defense in depth скачать в хорошем качестве

Instagram User Token Impersonation: From discovery to defense in depth

The talk is about one of Philippe’s findings on Instagram that got him a $50,000 bounty reward. Philippe will walk you through the story of how he discovered the impactful vulnerability and Farah will provide insights on what the escalation and payout decision looked like from Meta's side from the moment they received the report. Speakers: Farah Hawa Security Analyst at Meta Farah Hawa is a Security Analyst at Meta and former Application Security Engineer at Bugcrowd. She’s well known in the bug bounty community for her educational content and practical hacking tutorials on YouTube. Farah combines hands-on security expertise with a passion for mentoring new researchers. Philippe Harewood security researcher Philippe Harewood is a long-time independent security researcher recognised for uncovering, subtle vulnerabilities across Meta’s platforms, including Instagram, Facebook, WhatsApp and Oculus. Over the past decade, he has collaborated closely with Meta’s security teams through their bounty program, contributing to improvements in how large-scale systems are secured and tested Ekoparty 2025 - Bug Bounty Argentina -- Seguinos en la redes: X:   / ekoparty   LinkedIn:   / 1053378   Instagram:   / ekoparty   Facebook: https://www.facebook/ekopartyconference Twitch:   / ekoparty   Visitá nuestra web: https://www.ekoparty.org/