I’m the Chairman, Founder, and CTO of Bugcrowd. I got my start in cybersecurity nearly 20 years ago as a penetration tester, before moving to the ‘dark side’ of solutions architecture and sales. In 2008, I formed the Tall Poppy Group with my wife Vivian and began working as a full-time career entrepreneur.
My practical experience ranges from startups and not-for-profits to governments and multinationals, where I’ve specialized in troubleshooting and bridging gaps between the technical and business sides of information security.
In 2012, I pioneered the crowdsourced-security-as-a-service model and launched the first program on Bugcrowd. Two years later, I started disclose.io, an open-source project for vulnerability disclosure and safe-harbor. I’ve also been actively involved in the CTI Cyber League, contributed to Federal and State-level election security policy in the USA, and been an active advocate for rights of good-faith cybersecurity research.
Media and Speaking
I’m a keen speaker and media commentator, having presented at DEF CON, Black Hat USA, RSA Conference, Techcrunch DISRUPT, Shmoocon, ENISA Incibe, Usenix ENIGMA, Derbycon, SOURCEConf, AISA, AusCERT, and many more.
I’ve also had the opportunity to share my experience with others with quotes in most major media outlets in the United States and Australia. A list of press quotations, interviews, podcasts, and papers I’ve contributed to or been featured in can be found here.
Casey is the Chairman, Founder and CTO of Bugcrowd. He is an 20+ year veteran of information security as a career, and has been inventing stuff and generally getting technology to do things it isn't supposed to since childhood.
Professionally, he has worn a variety of hats, working as a pentester, security and risk consultant and solutions architect, CSO, and then most recently as a career entrepreneur and company leader. Casey pioneered the Crowdsourced Security as a Service model, launching the first bug bounty programs on the Bugcrowd platform in 2012, and co-founded the disclose.io vulnerability disclosure standardization project in 2014.
Casey is a sought after industry visionary, media commentator, and public speaker, and has presented at DEF CON, Black Hat USA, RSA Conference, Techcrunch DISRUPT, Shmoocon, ENISA Incibe, Usenix ENIGMA, Derbycon, SOURCEConf, AISA, AusCERT, and many more.
A proud ex-pat of Sydney, Australia, Casey lives with his wife and two kids in the San Francisco Bay Area. He is happy as long as he is pursuing potential.