Founded in 2020, Whitehat Nigeria is composed of Nigeria Security Researchers whose motivation are patrotism, professionalism, and profit making which intend to help reposition the cybersecurity posture of Nigeria by engaging in an open security research of the Nation’s cyberspace and report all sensitive findings to affected organizations. With the hope of forcing all organizations to adopt Vulnerability Disclosure Policy (VDP) which will help ensure that the available attack surfaces for the adversary are being totally reduce. On the believe that until VDP adoption increases, vulnerabilities will continue to remain unreported, and breaches will continue at an accelerated rate, pushing for a managed disclosure situation which is preferable to one without control.
For our continuos operation, we are going to be relying largely on the cooperation of all organizations in all sectors be it public and private to join hands and collaborate with us on the great initiatives. Support from member of the general public will be appreciated as we embark on this journey.
We encourage organizations with digital assets to reach out to Whitehat Nigeria to discuss how they can get their VDP developed to encourage more vulnerability to be reported as nearly 1 in 4 hackers have not reported a discovered vulnerability because the company didn’t have a channel to disclose it, according to 2018 Hacker Report from Hacker One.
VDPs are intended to remedy that situation by giving finders clear directions on how to report a potential vulnerability, and giving your internal security team an easy means with which to receive such reports. It also helps eliminate the potential business chaos should someone not know how to report a vulnerability and it winds up on social media.
The role of regulators such as NITDA and professional associations like CSEAN and NAIJASECFORCE is paramount for the success of this project. Let us join hands together to push for a responsible disclosure in Nigeria.