Adam Ziaja () — just another white hat[1] (IT Security and Computer Forensics Specialist) researcher from Poland who does responsible disclosure[2] of security vulnerabilities.

 it doesn't matter what you know or what you can do if you can't demonstrate it

Acknowledged by i.a.:

img img img img img img
img img img img img img

Acquiahttp://www.acquia.com/how-report-security-issue
ActiveCampaignhttp://www.activecampaign.com/security/
Adobehttp://www.adobe.com/support/security/bulletins/securityacknowledgments.html
Applehttp://support.apple.com/kb/HT1318
Barracuda Networkshttp://barracudalabs.com/research-resources/bug-bounty-program/bug-bounty-hall-of-fame/
Base CRMhttps://getbase.com/security/
Beyond Security (AVDS) — img[4]
Bitcasahttps://support.bitcasa.com/entries/25831393-How-To-Responsibly-Report-Security-Concerns
BlackBerryhttp://uk.blackberry.com/business/enterprise-mobility/mobile-security/incident-response-team/collaborations.html
Blueboximg[4]
Cardhttps://www.card.com/responsible-disclosure-policy
CloudApphttp://www.getcloudapp.com/help/responsible-disclosure/
Constant Contacthttp://www.constantcontact.com/about-constant-contact/security/report-vulnerability.jsp
Deutsche Telekomhttp://www.telekom.com/security/acknowledgements
eBayimg[4]
Empik (E-commerce Services) — img[5]
Engine Yardhttp://www.engineyard.com/legal/responsible-disclosure-policy
Fog Creekhttp://www.fogcreek.com/security.html
Freelancer.comhttps://www.freelancer.com/u/adamziaja.html img[4]
Gadu-Gaduimg[4]
GeoNodehttps://github.com/GeoNode/geonode/commit/f5f69e71937e8d447ecb59126bb20eceef020403
GitHubimg[4]
GitLabhttp://blog.gitlab.com/vulnerability-acknowledgements/
Gittiphttps://www.gittip.com/security.txt
Harvard Universityhttp://about.worldmap.harvard.edu/icb/icb.do?pageid=icb.page481343 img[4]
HBOimg[4]
Helionimg img[4]
Home.plimg[5]
IFixithttp://www.ifixit.com/Info/Responsible_Disclosure img[4]
Interia.plimg[5]
Kanevahttp://docs.kaneva.com/mediawiki/index.php/Security_Hall_of_Fame
LastPasshttps://lastpass.com/support_security.php
Maharahttp://wiki.mahara.org/index.php/Contributors#Security_researchers
MailChimphttp://mailchimp.com/about/security-response/ img[4]
MediaFirehttp://www.mediafire.com/view/wv2xv9b2b5orr0u/certificate_serial_Adam%20Ziaja.pdf
Nasza-klasa.plimg[4]
National Cyber Security Centre (NCSC), Ministry of Security and Justice (Netherlands)https://www.ncsc.nl/english/current-topics/wall-of-fame.html img[4]
Netflixhttp://support.netflix.com/en/node/6657
Nokia Solutions and Networkshttp://nsn.com/responsible-disclosure
Onet.plimg[5]
OTRSPoC, CVE-2014-1695, OSA-2014-03, CVE-2014-2554, OSA-2014-05 (clickjacking and two stored XSS payloads in e-mail to OTRS — bypass XSS filter, both CVSS medium severity)
Paymillhttps://www.paymill.com/en-gb/support-3/worth-knowing/security/ img[4]
PagerDutyimg[4]
Pragmatic Bookshelfhttp://pragprog.com/security
Preziimg[4]
Puppet Labshttp://puppetlabs.com/blog/responsible-disclosure-of-security-vulnerabilities/
Reddithttp://www.reddit.com/user/adamziaja_com/
Risk I/Oimg[4]
Riskalyzehttps://www.riskalyze.com/security-response
Schuberg Philishttps://www.schubergphilis.com/2014/01/21/responsible-disclosure-hall-of-fame/ img[4]
Scorpion Softwarehttp://www.scorpionsoft.com/company/disclosurepolicy/
SecurityNethttp://www.securitynet.org/security-researcher-acknoledgments/
Sellfyhttps://sellfy.com/security/
SendGridimg[4]
ShareLaTeXhttps://www.sharelatex.com/security
Shoudiohttps://shoudio.com/security
SoundCloudhttp://help.soundcloud.com/customer/portal/articles/439715-responsible-disclosure img[4]
Squidoohttp://www.squidoo.com/squidoo-bug-bounty
Tuentihttp://corporate.tuenti.com/en/dev/hall-of-fame
Twiliohttps://www.twilio.com/docs/security/disclosure
Viadeohttp://www.viadeo.com/aide/security/
VMwareimg[4]
Wirtualna Polskaimg img[4] img[5]
Yahoohttp://bugbounty.yahoo.com/security_wall.html img[4]
Yandexhttp://company.yandex.com/security/hall-of-fame.xml
Zendeskimg[4]
Zyngahttp://company.zynga.com/security/whitehats

 do what you love, and you'll never work a day in your life

If you are looking for:
IT Security Specialist (I work as in CSIRT[6]; member of MMD and ISSA)
Pentester (Bug Hunter — see above; OWASP and PTES methodologies)
Computer Forensics Specialist (IT expert witness; X-Ways Forensics certificate holder; ENISA[7] contributor;
public speech „Cybercrime 2.0” at 17th International Scientific Conference on Technical Aspects of ICT Crime in Police Academy in Szczytno, Poland)
Auditor of Linux-based environments (mainly Debian)
Linux System Administrator (Debian consultant[8] and Debian Maintainer[9]; ex-sysadmin at Onet.pl)
feel free to e-mail me — <adam@adamziaja.com> (PGP[3] F98A0176)
LinkedInpl.linkedin.com/in/adamziaja

 forge your own weapons to solve your own problems (why make it simple when you can make it complicated)

You may also be interested in my archival project which is wireless networks maps — wardriving.adamziaja.com (in Polish), now the code is open source.

My other open source projects: vulnerability-check, dns-check and other scripts.

adamziaja.com

My big hobby is not only IT but also professional photographywww.shutterstock.com/g/adamziaja.


  1. en.wikipedia.org/wiki/White_hat_(computer_security)
  2. en.wikipedia.org/wiki/Responsible_disclosure
  3. en.wikipedia.org/wiki/Pretty_Good_Privacy
  4. Gift for responsible disclosure of security vulnerabilities.
  5. References for responsible disclosure of security vulnerabilities.
  6. Computer Security Incident Response Team, en.wikipedia.org/wiki/Computer_emergency_response_team
  7. European Network and Information Security Agency, en.wikipedia.org/wiki/European_Network_and_Information_Security_Agency
  8. www.debian.org/consultants/
  9. wiki.debian.org/DebianMaintainer#Introduction

Last modified: 2014-09-30

Log in as admin