I’m the Chairman, Founder, and CTO of Bugcrowd. I got my start in cybersecurity nearly 20 years ago as a penetration tester, before moving to the ‘dark side’ of solutions architecture and sales. In 2008, I formed the Tall Poppy Group with my wife Vivian and began working as a full-time career entrepreneur.


My practical experience ranges from startups and not-for-profits to governments and multinationals, where I’ve specialized in troubleshooting and bridging gaps between the technical and business sides of information security.

In 2012, I pioneered the crowdsourced-security-as-a-service model and launched the first program on Bugcrowd. Two years later, I started disclose.io, an open-source project for vulnerability disclosure and safe-harbor. I’ve also been actively involved in the CTI Cyber League, contributed to Federal and State-level election security policy in the USA, and been an active advocate for rights of good-faith cybersecurity research.

Media and Speaking

I’m a keen speaker and media commentator, having presented at DEF CON, Black Hat USA, RSA Conference, Techcrunch DISRUPT, Shmoocon, ENISA Incibe, Usenix ENIGMA, Derbycon, SOURCEConf, AISA, AusCERT, and many more.

I’ve also had the opportunity to share my experience with others with quotes in most major media outlets in the United States and Australia. A list of press quotations, interviews, podcasts, and papers I’ve contributed to or been featured in can be found here.

Offical Bio

Casey is the Chairman, Founder, and CTO of Bugcrowd He is a 20+ year career veteran of information security, and has been inventing stuff and generally getting technology to do things it isn't supposed to since childhood.
Casey has worn a variety of professional hats, working as a pentester, security/risk consultant and solutions architect, Chief Security Officer, and most recently as a career entrepreneur and company leader. Casey pioneered the Crowdsourced Security as a Service model, launching the first bug bounty programs on the Bugcrowd platform in 2012, and co-founded the disclose.io vulnerability disclosure standardization project in 2014.
Casey is a sought-after industry visionary, media commentator, and keynote speaker, and has presented at DEF CON, Black Hat, RSA Conference, Techcrunch DISRUPT, Shmoocon, ENISA, Usenix ENIGMA, Nullcon, Derbycon, SOURCEConf, AISA, AusCERT, and others. He has advised the US Department of Defense, Australian and UK Intelligence Communities, and US House and Senate legislative initiatives including pre-emptive protection of cyberspace ahead of the 2020 Presidential Elections.
A proud native of Sydney, Australia, Casey lives with his wife and two kids between Sydney and the San Francisco Bay Area. He is happy as long as he is pursuing potential.

Offical Headshot

Casey John Ellis