Here’s some of the talks and events I’ll be at over the next few months:
Billington 10th Annual Cybersecurity Summit
September 4-5 2019
Washington DC
Hacker Halted (Keynote)
October 10-11 2019
Georgia, Atlanta
As AI accelerates the offense-defense asymmetry, bug bounties and vulnerability disclosure remain essential. Casey Ellis on the future of bug bounties, the evolving threat landscape, and how disclose.io and the SRLDF protect the researchers keeping us safe.
* Every vulnerability costs something to put there. * Every vulnerability costs something to discover. * Every vulnerability costs something to fix. * The exploitation of every vulnerability has a value associated with it.
There's a fresh conversation happening about the distinction between bug bounty programs and vulnerability disclosure programs. This is an area where the distinction between a bug bounty program (cash or cash equivalent proactively offered to the public) and a vulnerability disclosure program (which can optionally offer a thank-you
Last Saturday Jan 31 was my last day "inside the tent" at Bugcrowd.