A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


How building a better hacker accidentally built a better defender - Casey Ellis Derbycon 2014 (Hacking Illustrated Series InfoSec Tutorial Videos)

How building a better hacker accidentally built a better defender
Casey Ellis
Derbycon 2014

Today’s cybersecurity battle is not a fair fight: the cyberthieves growing in numbers and sophistication on a daily basis are overwhelming today’s enterprises and their dated practices of in,house and scheduled penetration testing. As a result, enterprises are turning to crowdsourced security programs known as bug bounties to accelerate their software testing and the triaging and repair of resulting vulnerabilities. Bug bounties are the wisdom of the crowd applied to software testing. They are also a great training ground to make product development teams more security,aware. Tapping the crowd for security testing builds better hackers and a better application testing discipline for enterprises, leading to safer products that make it to market faster than with traditional testing methods.By putting the numbers, expertise, motivation and speed of the crowd to work in your favor, a bug bounty program will give your enterprise the tools and process to rapidly test your product and discover and fix flaws in record time. In this talk, CEO and Co,founder of Bugcrowd, Casey Ellis, will explain how bug bounties work and will share case studies that show how these programs have changed the enterprise security model. He will outline how enterprises can tap into the talents of over 10, 000 active researchers to help defend against the volume and complexity of today’s cyber threats.

Back to Derbycon 2014 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast