SlowMist CISO points out the routine process for security companies to test trading platform security

On June 20th, in response to the dispute over the security bugs report between Kraken and CertiK, Slow Mist Technology Chief Information Security Officer 23pds said on the X platform that regardless of right or wrong, from the perspective of testing: 1. Security test, you can recharge the test in a small amount to prove the feasibility. 2. If it is to verify the risk control mechanism, you can obtain the authorization of the platform, a single test, the verification is completed, immediately contact the platform to refund, and keep the complete record of communication with the platform. 3. Give the platform a corresponding solution, and the two parties negotiate the bounty and other follow-up matters. In response to who is right and who is wrong about this incident, 23pds recommends that the two companies send out the communication records to get proof.