Building
If a tech solution falls in the forest...
A solution disconnected from it's problem isn't actually solving anything.
Casey Ellis
Hacker, founder, advisor, and pioneer of crowdsourced security. Founder of Bugcrowd, co-founder of disclose.io, principal of Tall Poppy Group. Board member at SRLDF.
Security
What the Netflix ‘Zero Day’ series got right about incident response
That said, the widespread nature of the effects shown in the six-part series are definitely plausible. Industrial control systems and the infrastructure that supports them are riddled with zero-day vulnerabilities, alongside the more common "known, yet unpatched" n-day vulnerabilities.
Security
Bug Bounties, The Wanted Poster For Ethical Hackers — Future Secured Episode 35
Crowdsourced security empowers ethical hackers to protect digital assets, reshaping cybersecurity. Casey Ellis encourages entrepreneurs to lead with resilience, delegate wisely, prioritize health, and embrace innovation amid chaos for lasting impact and scalable success.
Security
The Original Bug Bounty: Alfred Hobbs and the Great Lock Controversy of 1851
Alfred Hobbs: The OG bug bounty hunter who cracked England’s ‘unpick-able’ locks. His breaker mindset exposed flaws, sparked innovation, and proved no system is perfect.
Security
NEBULA:FOG:PRIME – AI x Security Panel Discussion
It was an privilege to participate on this panel at the NEBULA:FOG:PRIME AI x Security Hackathon event on the 25th of January.
Security
A few security predictions for 2025
It's that time of year again... Here are a few trends that I see making their presence felt in 2025 - These are a work in progress, and I might expand on a few of these: 1. Peacetime cyber vs. wartime cyber: 10 years from now, we'
Security
Some thoughts about Typhoons
What's the deal with Volt Typhoon, Salt Typhoon, and Flax Typhoon - and what do we need to do?
Security
You're Soaking In It: Systemic Cyber Struggles
Synopsis In this episode of Resilient Cyber Chris Hughes chats with Cyber industry veterans and long-time leaders Wendy Nather and Casey Ellis about systemic cyber struggles, issues that still plague us over the years, and some of the economic incentives at play (or not) when it comes to cybersecurity. Casey
Personal
Little update: “Rumors of my death have been greatly exaggerated”
It’s been just over three weeks since I randomly “let the Internet know” that I was heading in for unexpected heart surgery...
Policy
Builders and Breakers: Partnering for Secure Elections
In September 2023, the IT-ISAC Elections Industry SIG launched a first-of-its kind pilot program in which election technology providers gave security researchers access to modern voting technology under the principles of Coordinated Vulnerability Disclosure.
Security
Bugs on a Plane: Implementing a Bug Bounty in an Airline IT/OT Environment
Bug bounty programs are a valuable tool for security efforts but only if they are correctly applied. This is particularly true for airlines who have to secure both the IT business systems and OT aircraft systems that enable the business to operate safely.
Personal
My office setup — Part 3 (US edition)
Optimizing my home office space for a work-from-home/hybrid setup became a bit of a hobby during the pandemic, and since returning to the USA from Australia in 2021 I've essentially replicated the successful aspects of the Sydney setup, with a few modifications.