Featured
-
Dropbox bug bounty program has paid out over $1,000,000
// Feb 03, 2020
-
How Dropbox Security builds tools for threat detection and incident response
// Oct 16, 2019
-
Offensive testing to make Dropbox (and the world) a safer place
// Nov 16, 2018
All Posts
-
Lessons learned: Using a cybersecurity vendor to check for malicious links
// May 09, 2023
-
How we handled a recent phishing incident that targeted Dropbox
// Nov 01, 2022
-
Defending against SSRF attacks (with help from our bug bounty program)
// Sep 20, 2022
-
Dropbox bug bounty program has paid out over $1,000,000
// Feb 03, 2020
-
How Dropbox Security builds tools for threat detection and incident response
// Oct 16, 2019
-
Towards better vendor security assessments
// Mar 27, 2019
-
Offensive testing to make Dropbox (and the world) a safer place
// Nov 16, 2018
-
Live-hacking Dropbox @ H1-3120
// Sep 10, 2018
-
Security culture, the Dropbox way
// Jun 01, 2018
-
Introducing WebAuthn support for secure Dropbox sign in
// May 08, 2018
-
MacOS monitoring the open source way
// Apr 26, 2018
-
Protecting Security Researchers
// Mar 21, 2018
-
Security at scale: the Dropbox approach
// Feb 13, 2018
-
Updates on the Dropbox Bug Bounty Program
// Sep 20, 2017
-
Preventing cross-site attacks using same-site cookies
// Mar 16, 2017
-
Meet Securitybot: Open Sourcing Automated Security at Scale
// Feb 22, 2017
-
How Dropbox securely stores your passwords
// Sep 21, 2016
-
[CSP] Third Party Integrations and Privilege Separation
// Sep 24, 2015
-
[CSP] The Unexpected Eval
// Sep 23, 2015
-
[CSP] Unsafe-inline and nonce deployment
// Sep 22, 2015
-
[CSP] On Reporting and Filtering
// Sep 21, 2015
-
Dropbox Bug Bounty Program: Best Practices
// Aug 31, 2015
-
Introducing the Dropbox bug bounty program
// Apr 15, 2015
-
zxcvbn: realistic password strength estimation
// Apr 10, 2012