G’day! My name is Casey Ellis, and I’m the Chairman, Founder, and CTO of Bugcrowd. I got my start in cybersecurity nearly 20 years ago as a penetration tester, before moving to the ‘dark side’ of solutions architecture and sales. In 2008, I formed the Tall Poppy Group with my wife Vivian and began working as a full-time career entrepreneur.
My practical experience ranges from startups and not-for-profits to governments and multinationals, where I’ve specialized in troubleshooting and bridging gaps between the technical and business sides of information security.
In 2012, I pioneered the crowdsourced-security-as-a-service model and launched the first program on Bugcrowd. Two years later, I started disclose.io, an open-source project for vulnerability disclosure and safe-harbor. I’ve also been actively involved in the CTI Cyber League, contributed to Federal and State-level election security policy in the USA, and been an active advocate for rights of good-faith cybersecurity research.
I’m a keen speaker and media commentator, having presented at DEF CON, Black Hat USA, RSA Conference, Techcrunch DISRUPT, Shmoocon, ENISA Incibe, Usenix ENIGMA, Derbycon, SOURCEConf, AISA, AusCERT, and many more.
I’ve also had the opportunity to share my experience with others with quotes in most major media outlets in the United States and Australia. A list of press quotations, interviews, podcasts, and papers I’ve contributed to or been featured in can be found here.
I’m normally based in the Bay Area (currently in Sydney, Australia due to COVID) and spend my off-hours with family, playing music, or snowboarding.
You can reach me via: