I’m the Chairman, Founder, and CTO of Bugcrowd. I got my start in cybersecurity nearly 20 years ago as a penetration tester, before moving to the ‘dark side’ of solutions architecture and sales. In 2008, I formed the Tall Poppy Group with my wife Vivian and began working as a full-time career entrepreneur.
My practical experience ranges from startups and not-for-profits to governments and multinationals, where I’ve specialized in troubleshooting and bridging gaps between the technical and business sides of information security.
In 2012, I pioneered the crowdsourced-security-as-a-service model by founding and launching the first program on Bugcrowd, which has gone on to raise 80M USD of venture capital and effectively transformed the security assessment industry. Two years later, I started disclose.io, an open-source project for vulnerability disclosure and safe-harbor. I’ve also been actively involved in the CTI Cyber League, contributed to Federal and State-level election security policy in the USA, and been an active advocate for the rights of good-faith cybersecurity research.
Media and Speaking
I’m an experienced keynote speaker and have presented at DEF CON, Black Hat USA, RSA Conference, Techcrunch DISRUPT, Shmoocon, ENISA Incibe, Usenix ENIGMA, Derbycon, SOURCEConf, AISA, AusCERT, and many others.
I’ve also had the opportunity to plenty of media commentary on a variety of subjects, with quotes in most major media outlets in the United States and Australia. A list of press quotations, interviews, podcasts, and papers I’ve contributed to or been featured in can be found here.
Casey is the Chairman, Founder, and CTO of Bugcrowd. He is a 20+ year information security veteran who has spent his childhood inventing things and generally getting technology to do things it isn't supposed to do. This led to a career in cybersecurity, where he worked as a pentester, security/risk consultant and solutions architect, Chief Security Officer, serial entrepreneur, and business leader.
Casey established the Crowdsourced Security as a Service model, launching the first bug bounty programs on the Bugcrowd platform in 2012, and co-founded the disclose.io vulnerability disclosure standardization project in 2014.
Since then, he has personally advised the US Department of Defense and Department of Homeland Security/CISA, the Australian and UK intelligence communities, and various US House and Senate legislative cybersecurity initiatives (including pre-emptive cyberspace protection ahead of the 2020 Presidential Elections).
Casey, a native of Sydney, Australia, splits his time between Sydney and the San Francisco Bay Area with his wife and two kids.