Security
Two-thirds of ethical hackers considering bug bounty hunting as a full-time career
Casey Ellis, founder and CTO at Bugcrowd, said bug bounty hunters are ultimately entrepreneurs in their own right.
Security
The technical heart: vulnerability research, disclosure, threat analysis, the craft of finding and fixing
![[TRANSCRIPT] Threats that may have gone unnoticed by organizations during the pandemic](https://storage.ghost.io/c/ec/8a/ec8abb38-39b9-4422-95b9-695b2a5e652e/content/images/size/w600/2021/08/Screen-Shot-2021-08-28-at-9.34.21-PM.png)
Security
[TRANSCRIPT] Threats that may have gone unnoticed by organizations during the pandemic
Casey Ellis, the founder, chairman and CTO of Bugcrowd, told SC Media Senior Reporter Joe Uchill that companies should think about the various threat scenarios that emerged over the last year that they may have missed as employees return to the office environment.
![[TRANSCRIPT] Threat hunting in the age of work-from-home](https://storage.ghost.io/c/ec/8a/ec8abb38-39b9-4422-95b9-695b2a5e652e/content/images/size/w600/2021/08/Screen-Shot-2021-08-28-at-9.35.35-PM.png)
Security
[TRANSCRIPT] Threat hunting in the age of work-from-home
Casey Ellis, the founder, chairman and CTO of Bugcrowd, told SC Media Senior Reporter Joe Uchill that there’s always going to be corporate infrastructure that provides information for a threat hunter, such as VPN, antivirus, and endpoint detection and response.
Security
IT Visionaries Podcast with Malcolm Harkness
On this roundtable episode of IT Visionaries, we explore the impact A.I. and technology are having on society and cybersecurity with Casey Ellis, the founder and CTO of Bugcrowd and Malcolm Harkins, a cybersecurity advisor, coach and board member.
Security
The Bar Fight Risk Taxonomy
After hearing "vulnerability" and "threat" used interchangeably for a >9,000th time I decided to do something about it, and the Bar Fight Risk Taxonomy was born.
Security
On Project Zero's 90+30 vulnerability disclosure policy changes
Google is acknowledging the increasing prevalence of n-day exploitation in the wild, particularly over the past 18 months (e.g. the CISA/NSA memo) have taken their next step in refining how they strike balance between these forces.
Security
Security Research and Disclosure: The Unauthorized Biography — Nullcon March 2021
Title: Security Research and Disclosure: The Unauthorized Biography | Casey John Ellis | Nullcon Conference March 2021
Security
A thought re vulnerability research clustering
The fact that insecure software pipelines are exploitable feels a little like the idea that bugs exist in old F/OSS code, or that a chip design might not be 100% perfect. It's almost QED - but in the defensive realm, people weren't looking there.
Security
Help! My Social Media has been hacked!
I know you do security stuff with computers and my Twitter/Facebook/Instagram/etc has been hacked! It's posting all kinds of strange stuff that isn't from me. What do I do to stop this???
Security
Van Buren v. United States — Oral Argument
The Supreme Court heard oral argument in Van Buren v. United States, a case concerning a statute of the Computer Fraud and Abuse Act (CFAA) and violations of terms of service agreements.
Security
Krebs Has A Posse
Security
Vulnerability annihilation since 1851
"What Hobbs had in mind was not the usual cajoling of a provincial bank into an upgrade, but exposing weaknesses in the British Empire itself by revealing the faults of one of Day and Newell’s competitors."