Building
First principles
Simple is strong. Respect is key. Build it like you own it. Don’t be valuable, create value. Think like a hacker. 360-degree accountability.
Casey Ellis
Hacker, founder, advisor, and pioneer of crowdsourced security. Founder of Bugcrowd, co-founder of disclose.io, principal of Tall Poppy Group. Board member at SRLDF.
Security
Priority One: Insights into Submission and Payment Trends
2020: Chaos is a Ladder As 2020 comes to a close, I’ve started to see summaries of the year pop up, covering lessons learned from the year nobody saw coming… As years go, 2020 was full of those! While I wish I could go back in time and tell
Security
To err is human — Kerckhoffs' Principle in Software Transparency
Shannon and Kerckhoff were pioneers of disclosure thinking — They understood the concept of “build it like it’s broken”. This was especially true in WWII cryptography, but it’s becoming increasingly clear in its relevance to the 'peacetime' software that we use today.
Security
Hacking styles
Broadly, there are two things that come into play when it comes to the style a person applies to hacking: The level of experience, and the overall wiring of the hacker.
Security
A message to folks providing "free testing" at the moment
TLDR: If you’re performing any active, unsanctioned testing on healthcare systems: Please stop it. Don’t make their job any harder than it is right now.
Security
COVID-19/Coronavirus — What are the bad guys up to?
As expected, the covid19 pandemic has out brought some of the Internet’s worst. I’ve been working with several groups to information share and fight back on this stuff, including the COVID-19 CTI Group.
Security
Changes
You know that awkward thing at the moment when you see someone and go to shake their hand or hug them, then pull away… and then feel like a jerk because of the implied social signal? Is this bow too close? Literally the entire world is going through versions of
Security
The importance of delivering well
In general, people like to be think they have the ability to assess risk… you see it in kids jumping over puddles, you see it in adults with the stock market. Society looks up to those who’ve taken a measured gamble and won, and there are few greater drives
Security
On #stopthespread and school closures
On the decision to keep schools open in Australia yesterday: It’s not that kids don’t catch covid. It seems that everyone catches covid. * According to the Australian Chief Medical Officer, schools are under represented in global data as hotspots of community spread. * This is especially clear compared to
Security
Tools for the WFH apocalypse
Well… It’s been an interesting couple of weeks. Viv, the kids, and I decided to bug out back to Australia last Thursday to care for our parents while the COVID-19 situation stabilizes in the US and evolves here in Australia. We’re very much looking forward to getting back
Building
My moves for #rsac2020 & #bsidessf week
Deep breaths, because here we go again!!! The full list of Bugcrowd events can be found here… We’ve got a lot on this week, so check it out, brush up your calendars, and we’ll see you out there! Meet Bugcrowd at RSA | BugcrowdMeet with Bugcrowd at BSides, Local
Policy
Hacking Democracy On Securing an Election (Shmoocon 2020)
Democracy is the cornerstone of America’s Constitution, identity, and ideology, and this foundation was shaken during the 2016 Presidential Election.