Skip to content
← home

tag

#learn

94 posts

Processing experience into insight - retrospectives, lessons

Policy

VentureBeat: How ethical hackers are trying to protect the 2020 U.S. elections

“All software is vulnerable,” Bugcrowd CTO Casey Ellis said. “It just depends on how long you’re taking to look to find those vulnerabilities. Humans write code, and humans make mistakes.”…

23 Oct 2020 · 1 min read
Thinking

Data is the new oil: Breach edition

Data is the new oil... It spills everywhere, trashes the environment, and is impossible to clean up. Think before you store.…

07 Oct 2020 ·
Security

Vulnerability annihilation since 1851

"What Hobbs had in mind was not the usual cajoling of a provincial bank into an upgrade, but exposing weaknesses in the British Empire itself by revealing the faults of one of Day and Newell’s competitors."…

05 Oct 2020 · 1 min read
Security

Information Asymmetry and the 1950s Nuclear Bounty

Props to Matt Ploessel for calling out this one... I'd not heard of a bounty around nuclear weapons until today.…

29 Sep 2020 · 3 min read
Security

Are you making a Walkman? Or an iPod?

When the walkman was introduced, it created a category. It's brand also became the term of description for that category.…

29 Sep 2020 · 3 min read
Building

NIST SP 800-53 R5 adds Vulnerability Disclosure Programs

NIST SP 800-53 Revision 5 is yet another step towards the legitimization of the Internet’s Immune System. Everyone who has worked on legitimizing the work of good-faith hackers for the past 30 years or more can feel encouraged by this release.…

28 Sep 2020 · 4 min read
Personal

Quick note for mentees

Seasoned experts get as much out of the “feet on the street” insights and energy of younger mentee as the mentee gets from their wisdom of the mentor.…

22 Sep 2020 · 1 min read
Personal

4 Questions for Leaders

I had a coach share this with me a little while back and it resonated - It's a valuable and simple framework, and a good set of questions to always be in a position to answer.…

15 Sep 2020 · 1 min read
Building

Techcrunch: Use ‘productive paranoia’ to build cybersecurity culture at your startup

At TechCrunch Early Stage, we asked Casey Ellis, founder, chairman and chief technology officer at Bugcrowd, to share his ideas for how startups can improve their security posture.…

11 Sep 2020 · 6 min read
Security

The Nth Country Experiment and Coincident Vulnerability Discovery

Nth Country Experiment - Nuclear MuseumCould any country with the right knowledge and technology build a nuclear bomb? From May 1964 to April 1967, the…

31 Aug 2020 · 1 min read
Policy

Group Letter re IoT Cybersecurity Improvement Act (H.R. 1668)

We the undersigned cybersecurity companies and professionals write to express strong support for the IoT Cybersecurity Improvement Act (H.R. 1668). We respectfully urge you and your colleagues to support expedited passage of the bill before the end of the 116th Congress.…

29 Aug 2020 · 1 min read
Building

Public Comment from Casey Ellis, Bugcrowd re DRAFT BOD 20-01

Dear Director Krebs and CISA/DHS team, Thank you for the opportunity to comment on this Binding Operational Directive...…

27 Aug 2020 · 6 min read