{"id":6134,"date":"2019-07-16T12:17:46","date_gmt":"2019-07-16T09:17:46","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=6134"},"modified":"2022-05-05T14:26:44","modified_gmt":"2022-05-05T11:26:44","slug":"kaspersky-joins-disclose-io","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/kaspersky-joins-disclose-io\/6134\/","title":{"rendered":"Disclose.io ile birlikte g\u00fcven tesis ediyoruz"},"content":{"rendered":"

Neden di\u011ferini de\u011fil de o antivir\u00fcs program\u0131n\u0131 al\u0131yorsunuz? \u00c7\u00fcnk\u00fc o daha uygun maliyetli<\/s> \u00c7\u00fcnk\u00fc ona daha \u00e7ok g\u00fcveniyorsunuz, tabii ki bu se\u00e7enek. Peki g\u00fcvenlik ara\u015ft\u0131rmac\u0131lar\u0131 neden bir ba\u015fkas\u0131n\u0131 de\u011fil de bu uygulamay\u0131 analiz etmeye daha \u00e7ok zaman harc\u0131yor? \u00c7\u00fcnk\u00fc ilk uygulamay\u0131 geli\u015ftiren firmaya daha fazla g\u00fcveniyorlar. \u0130\u015fletmelerin hepsi, \u00fcr\u00fcnlerinde g\u00fcvenlik a\u00e7\u0131klar\u0131 tespit edilmesini ho\u015f kar\u015f\u0131lamaz \u2014 hatta baz\u0131lar\u0131n\u0131n ara\u015ft\u0131rmac\u0131lar\u0131 dava a\u00e7makla tehdit etti\u011fi bile olur.<\/p>\n

Dolay\u0131s\u0131yla evet, bir \u00fcr\u00fcn veya firmay\u0131 se\u00e7mek genel olarak g\u00fcvenle alakal\u0131d\u0131r. G\u00fcveni y\u0131kmaya tek bir hata bile yeterken, g\u00fcven tesis etmek ciddi derecede zordur. Binlerce tu\u011fladan olu\u015fan bir kuleye benzetilebilir \u2014 bir tu\u011flan\u0131n \u00e7\u0131kar\u0131lmas\u0131 kuleyi kolayl\u0131kla y\u0131kabilecekken, kuleyi in\u015fa etmek i\u00e7in binlerce tu\u011flay\u0131 sab\u0131r ve \u00f6zenle d\u00f6\u015femeniz gerekir. Zor ve zaman alan bir i\u015ftir.<\/p>\n

Ara\u015ft\u0131rmac\u0131lar i\u00e7in g\u00fcvenli bir liman<\/h2>\n

Kaspersky\u2019da m\u00fc\u015fterilerimizin ve potansiyel m\u00fc\u015fterilerimizin bize g\u00fcvenmesini istedi\u011fimiz i\u00e7in bu kuleyi tu\u011fla tu\u011fla in\u015fa ediyor ve koruyoruz. Bu do\u011frultuda K\u00fcresel \u015eeffafl\u0131k Giri\u015fimimizi<\/a> ba\u015flatm\u0131\u015f bulunuyoruz. Bunun faaliyetlerimizin \u015feffafl\u0131\u011f\u0131n\u0131 g\u00f6stermesini umuyoruz. Ayr\u0131ca, yaz\u0131l\u0131m hatas\u0131 bulma \u00f6d\u00fcllerimizi (Bug bounty)<\/a> de artt\u0131rd\u0131k. Bugcrowd platformunun \u00fcr\u00fcnlerimizde inceleme yap\u0131p g\u00fcvenlik a\u00e7\u0131klar\u0131 bulacak olanlar hakk\u0131nda hukuki i\u015flemler ba\u015flatmayaca\u011f\u0131m\u0131z\u0131 garanti alt\u0131na alan Disclose.io<\/a> projesine kat\u0131ld\u0131\u011f\u0131m\u0131z\u0131 duyurmaktan mutluluk duyuyoruz.<\/p>\n

Bugcrowd, Disclose.io projesini yaz\u0131l\u0131 hatas\u0131 bulma ve g\u00fcvenlik a\u00e7\u0131\u011f\u0131 if\u015fa programlar\u0131yla u\u011fra\u015fan kurulu\u015flar\u0131 ve ara\u015ft\u0131rmac\u0131lar\u0131 korumak i\u00e7in a\u00e7\u0131k bir yasal \u00e7er\u00e7eve sa\u011flamak \u00fczere 2018 y\u0131l\u0131n\u0131n A\u011fustos ay\u0131nda tan\u0131nm\u0131\u015f g\u00fcvenlik ara\u015ft\u0131rmac\u0131s\u0131 Amit Elazari ile ba\u015flatt\u0131. Temel olarak Disclose.io, ara\u015ft\u0131rmac\u0131lar ve i\u015fletmeler aras\u0131nda bir tak\u0131m anla\u015fmalar sunar. Disclose.io projesine kat\u0131lan t\u00fcm firmalar ve t\u00fcm ara\u015ft\u0131rmac\u0131lar, bu anla\u015fmalar\u0131n gereklerini yerine getirmeyi kabul etmi\u015f bulunmaktad\u0131r. Bu anla\u015fmalar gayet basit ve a\u00e7\u0131kt\u0131r. Kolay okunup anla\u015f\u0131l\u0131rlar \u2014 y\u00fczlerce alt maddeyi, hukuk s\u00f6zle\u015fmelerinin i\u015flemesini neredeyse imkans\u0131z hale getiren her yere s\u0131k\u0131\u015ft\u0131r\u0131lm\u0131\u015f k\u00fc\u00e7\u00fcc\u00fck yaz\u0131lar\u0131 unutun. Temel h\u00fck\u00fcmleri GitHub<\/a> \u00fczerinde bulabilirsiniz; bu bile \u015feffafl\u0131klar\u0131n\u0131 g\u00f6sterir; GitHub \u00fczerindeki dok\u00fcmanlar\u0131n de\u011fi\u015ftirilmesi i\u00e7in s\u00f6z konusu i\u015flemi t\u00fcm toplulu\u011fun g\u00f6rmesi gerekir.<\/p>\n

Bu anla\u015fmalar, i\u015fletmelerin yapt\u0131klar\u0131 ara\u015ft\u0131rmalar nedeniyle ara\u015ft\u0131rmac\u0131lar\u0131 cezaland\u0131rmak yerine, g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 anlay\u0131p gidermek i\u00e7in onlarla birlikte \u00e7al\u0131\u015fmaya ve \u00fcr\u00fcnlerinin g\u00fcvenli\u011fine yapt\u0131klar\u0131 katk\u0131y\u0131 fark etmeye te\u015fvik eder. \u00d6te yandan bu anla\u015fmalar, ara\u015ft\u0131rmacular\u0131n tespit ettikleri g\u00fcvenlik a\u00e7\u0131klar\u0131 ile ilgili olarak sorumlu davranmalar\u0131n\u0131 \u2014 sorun giderilmeden \u00f6nce kamuya a\u00e7\u0131klamamalar\u0131n\u0131, eri\u015ftikleri verileri k\u00f6t\u00fcye kullanmamalar\u0131n\u0131, tedarik\u00e7ilerden \u015fantajla para s\u0131zd\u0131rmamalar\u0131n\u0131 sa\u011flar ve buna benzer bir \u00e7ok olumlu etkiye sahiptir.<\/p>\n

\"\"<\/p>\n

\u00d6zetleyecek olursak Disclose.io temel olarak der ki: \u201cSayg\u0131de\u011fer ara\u015ft\u0131rmac\u0131lar ve i\u015fletmeler, nazik davranman\u0131z ikinizin de yarar\u0131na olur.\u201d Bu beyana tamamen kat\u0131l\u0131yoruz ve bu nedenle, Disclose.io hareketini destekliyor ve \u00fcr\u00fcnlerimizde zay\u0131f noktalar bulmak isteyen ara\u015ft\u0131rmac\u0131lar i\u00e7in g\u00fcvenli bir liman sa\u011fl\u0131yoruz.<\/p>\n

Bundan \u015f\u00fcphesiz m\u00fc\u015fterilerimiz de faydalanacakt\u0131r. Bir \u00fcr\u00fcn veya hizmet, g\u00fcvenlik ara\u015ft\u0131rmac\u0131lar\u0131 taraf\u0131ndan ne kadar incelenirse, o kadar g\u00fcvenli hale gelir. G\u00fcvenlik \u00e7\u00f6z\u00fcmleri i\u00e7in m\u00fcmk\u00fcn oldu\u011funca g\u00fcvenli olmak kesinlikle olmazda olmazd\u0131r.<\/p>\n\n","protected":false},"excerpt":{"rendered":"

Kaspersky, g\u00fcvenlik alan\u0131ndaki ara\u015ft\u0131rmac\u0131lara g\u00fcvenli bir liman sunan Disclose.io projesine kat\u0131l\u0131yor.<\/p>\n","protected":false},"author":2706,"featured_media":6002,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1352],"tags":[1405,1954,28,1407,1955],"class_list":{"0":"post-6134","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-special-projects","8":"tag-bug-bounty","9":"tag-disclose-io","10":"tag-kaspersky","11":"tag-seffaflik","12":"tag-yazilim-hatasi-bulma-odulu"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/kaspersky-joins-disclose-io\/6134\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/kaspersky-joins-disclose-io\/16145\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/kaspersky-joins-disclose-io\/13655\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/kaspersky-joins-disclose-io\/18041\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/kaspersky-joins-disclose-io\/16179\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/kaspersky-joins-disclose-io\/14934\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/kaspersky-joins-disclose-io\/18860\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/kaspersky-joins-disclose-io\/17608\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/kaspersky-joins-disclose-io\/23101\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/kaspersky-joins-disclose-io\/27588\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/kaspersky-joins-disclose-io\/11957\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/kaspersky-joins-disclose-io\/12151\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/kaspersky-joins-disclose-io\/10968\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/kaspersky-joins-disclose-io\/19694\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/kaspersky-joins-disclose-io\/23601\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/kaspersky-joins-disclose-io\/24012\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/kaspersky-joins-disclose-io\/18675\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/kaspersky-joins-disclose-io\/22963\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/kaspersky-joins-disclose-io\/22902\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/seffaflik\/","name":"\u015feffafl\u0131k"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6134","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2706"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=6134"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6134\/revisions"}],"predecessor-version":[{"id":6761,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6134\/revisions\/6761"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/6002"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=6134"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=6134"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=6134"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}