POPULARITY
In this episode of The Digital Executive, Brian Thomas sits down with Dave Gerry, a seasoned cybersecurity leader and current CEO of Bugcrowd. Dave shares how Bugcrowd is reshaping the cybersecurity landscape through a crowdsourced model that taps into a global network of over 600,000 ethical hackers. He explains how this approach not only expands access to elite talent but also helps organizations stay ahead of rapidly evolving threats.Dave also unpacks the growing impact of AI on both defenders and attackers, highlighting how Bugcrowd empowers companies to detect and respond to threats faster than ever. From zero-day vulnerabilities to shifting perceptions about ethical hackers, this conversation offers a deep dive into the future of cybersecurity. Tune in to hear how Bugcrowd is helping companies turn the tide in the fight against cyber threats.
Send us a textGuest: Dave Gerry, CEO of BugcrowdDave is no stranger to navigating major transitions. After joining Bugcrowd as COO in 2022 and quickly stepping into the CEO role, he led the company through a management shakeup, restructured teams, and spearheaded a strategy that resulted in $102 million in funding—all within 18 months.In this discussion, Dave shared insights from his experience at the company. He highlighted the importance of relationships and culture in leadership, emphasizing that success is not solely measured by financial outcomes but by the connections made within the team and with clients. Gerry outlined Bugcrowd's services, including bug bounty programs and penetration testing, which help organizations identify vulnerabilities in their security measures. He stressed the need for collaboration with channel partners to enhance service delivery and community engagement, which is vital for uncovering vulnerabilities that internal teams might miss.The conversation also touched on team dynamics, where Gerry emphasized the importance of aligning team members with the company's culture and goals, advocating for motivation driven by purpose rather than financial incentives.Check out our past interview with Bugcrowd: https://www.e-channelnews.com/get-ready-for-crowdsource-hacking/
Learn what ethical hackers can teach us about the next era of artificial intelligence.We speak with Michael Skelton, VP of Operations and Sajeeb Lohani, Global TISO for Bugcrowd on the latest edition of 'Inside The Mind Of A Hacker'.We're also joined by CJ Fairhead who is a Senior Penetration Tester, OSCP Certified, Security obsessed and tinkerer of things. Passionate about combining years of Internal IT experience with his security knowledge for Red Team engagements, CJ is involved in the Bug Bounty scene and works on giving back to the community through tool development, blog posts or just general advice. In the latest edition of ITMOAH, dive inside the minds of 1000 hackers and see your organization from a new perspective, with the latest analysis on security researchers and their transformative use of generative AI.For more information and to access more, including the Bugcrowd Report series - visit https://mysecuritymarketplace.com/bugcrowd-register-to-access/#bugcrowd #cisoseries #mysecuritytv #cybersecurity #ITMOAH #ethicalhackers
We speak with Dina Mathers, Chief Information Security Officer, Carvana alongside Nick Mckenzie, Chief Information & Security Officer with Bugcrowd.Dina Mathers, who leads Information Security at Carvana - was recently awarded the CISOs Top 100 Accelerated CISOs Award which recognizes leaders who are shaping the future of cybersecurity. Carvana engages Bugcrowd for bug bounty and vulnerability assessments, with Dina giving candid insights into the scalability, business value and assurances that the Bugcrowd platform provides.Carvana (NYSE: CVNA) is an industry pioneer for buying and selling used vehicles online. As the fastest growing used automotive retailer in U.S. history, its proven, customer-first ecommerce model has positively impacted millions of people's lives through convenient, accessible and transparent experiences.Carvana allows customers to browse a nationwide inventory and purchase a vehicle from the comfort of their home entirely online, benefiting from a 7-day money back guarantee, home delivery and more. Customers also have the option to sell or trade-in their vehicle online in seconds. For more information visit https://mysecuritymarketplace.com/bugcrowd-register-to-access/#bugcrowd #cisoseries #mysecuritytv #cybersecurity
As part of our Bugcrowd Leadership Series, we speak with Dave Gerry, Chief Executive Officer of Bugcrowd on his most recent visit to Sydney and the region. His visit for Cybercon in Melbourne also follows with the company recently securing a USD50 million capital growth facility from the Silicon Valley Bank and also appointing Trey Ford, as chief information security officer for the Americas.We also refer to the latest edition of ITMOAH, which dives inside the minds of 1,000 hackers and the latest analysis on security researchers and their transformative use of generative AI.For more on the CxO Perspectives and Hack the Hacker Series with Bugcrowd visit https://mysecuritymarketplace.com/bugcrowd-register-to-access/#bugcrowd #mysecuritytv #cisoseries #bugbounty
In this episode of The Cybersecurity Defenders Podcast, we recount some hacker history, and with the help of Casey Ellis, Founder and CSO at Bugcrowd, tell the story of the largest critical infrastructure ransomware attacks in history: The Colonial PipelineOn May 7, 2021, Colonial Pipeline, an American oil pipeline system that originates in Houston, Texas, and carries gasoline and jet fuel mainly to the Southeastern United States, suffered a ransomware cyberattack that impacted computerized equipment managing the pipeline. The Colonial Pipeline Company halted all pipeline operations to contain the attack. Overseen by the FBI, the company paid the amount that was asked by the hacker group (75 bitcoin or $4.4 million USD) within several hours; upon receipt of the ransom, an IT tool was provided to the Colonial Pipeline Company by DarkSide to restore the system. However, the tool required a very long processing time to restore the system to a working state.This episode was written by the talented Nathaniel Nelson.Casey Ellis can be found on LinkedIn here.
We speak with Dina Mathers, Chief Information Security Officer, Carvana alongside Nick Mckenzie, Chief Information & Security Officer with Bugcrowd.Dina Mathers, who leads Information Security at Carvana - was recently awarded the CISOs Top 100 Accelerated CISOs Award which recognizes leaders who are shaping the future of cybersecurity. Carvana engages Bugcrowd for bug bounty and vulnerability assessments, with Dina giving candid insights into the scalability, business value and assurances that the Bugcrowd platform provides.Carvana (NYSE: CVNA) is an industry pioneer for buying and selling used vehicles online. As the fastest growing used automotive retailer in U.S. history, its proven, customer-first ecommerce model has positively impacted millions of people's lives through convenient, accessible and transparent experiences.Carvana allows customers to browse a nationwide inventory and purchase a vehicle from the comfort of their home entirely online, benefiting from a 7-day money back guarantee, home delivery and more. Customers also have the option to sell or trade-in their vehicle online in seconds. For the full interview and more information visit https://mysecuritymarketplace.com/bugcrowd-register-to-access/#bugcrowd #cisoseries #mysecuritytv #cybersecurity
We speak with Dina Mathers, Chief Information Security Officer, Carvana alongside Nick Mckenzie, Chief Information & Security Officer with Bugcrowd.Dina Mathers, who leads Information Security at Carvana - was recently awarded the CISOs Top 100 Accelerated CISOs Award which recognizes leaders who are shaping the future of cybersecurity. Carvana engages Bugcrowd for bug bounty and vulnerability assessments, with Dina giving candid insights into the scalability, business value and assurances that the Bugcrowd platform provides.Carvana (NYSE: CVNA) is an industry pioneer for buying and selling used vehicles online. As the fastest growing used automotive retailer in U.S. history, its proven, customer-first ecommerce model has positively impacted millions of people's lives through convenient, accessible and transparent experiences.Carvana allows customers to browse a nationwide inventory and purchase a vehicle from the comfort of their home entirely online, benefiting from a 7-day money back guarantee, home delivery and more. Customers also have the option to sell or trade-in their vehicle online in seconds. For the full interview and more information visit https://mysecuritymarketplace.com/bugcrowd-register-to-access/#bugcrowd #cisoseries #mysecuritytv #cybersecurity
We speak with Dina Mathers, Chief Information Security Officer, Carvana alongside Nick Mckenzie, Chief Information & Security Officer with Bugcrowd.Dina Mathers, who leads Information Security at Carvana - was recently awarded the CISOs Top 100 Accelerated CISOs Award which recognizes leaders who are shaping the future of cybersecurity. Carvana engages Bugcrowd for bug bounty and vulnerability assessments, with Dina giving candid insights into the scalability, business value and assurances that the Bugcrowd platform provides.Carvana (NYSE: CVNA) is an industry pioneer for buying and selling used vehicles online. As the fastest growing used automotive retailer in U.S. history, its proven, customer-first ecommerce model has positively impacted millions of people's lives through convenient, accessible and transparent experiences.Carvana allows customers to browse a nationwide inventory and purchase a vehicle from the comfort of their home entirely online, benefiting from a 7-day money back guarantee, home delivery and more. Customers also have the option to sell or trade-in their vehicle online in seconds. For the full interview and more information visit https://mysecuritymarketplace.com/bugcrowd-register-to-access/#bugcrowd #cisoseries #mysecuritytv #cybersecurity
Nick McKenzie, CI&SO with Bugcrowd & Sumit Bansal, VP Asia Pacific & Japan, BlueVoyant discuss CxO perspectives on supply chain defence and Third Party Risk Management (TPRM).To join the series visit https://mysecuritymarketplace.com/bugcrowd-register-to-access/ #bugcrowd #mysecuritytv
Unlock the secrets of effective threat management with cybersecurity experts plus representatives from the Hacker community. This series will dive into the realm of cybersecurity and cybercrime analytics as our line-up of hackers and technologists debate the crucial role ethical hacking plays in fortifying digital defences. This includes exploring the 'living off the land' strategies, offensive best practices, and insights on harnessing the ethical hacker's prowess to stay one step ahead in the ever-evolving threat landscape. Don't miss this illuminating series on proactive cybersecurity measures that can redefine the way organizations safeguard their digital assets. Casey Ellis, Chief Strategy Officer with Bugcrowd was originally a hacker before becoming an entrepreneur, pioneering crowdsourced cybersecurity. He has advised the US Department of Defence, Australian and UK intelligence communities, plus US House and Senate legislative initiatives including pre-emptive protection of cyberspace ahead of the 2020 presidential elections. Saj Lohani, is a celebrated Whitehat hacker and in the Hacker Hall of Fame for Amazon, Yahoo, Github, AT&T, US Defense and others. At Bugcrowd his role is Global TISO & Snr Director, Cybersecurity. To join the series visit https://mysecuritymarketplace.com/bugcrowd-register-to-access/ #bugcrowd #mysecuritytv
Hot on the heels of Bugcrowd recently achieving Unicorn status, following their recent USD $102 million fund raise, Bugcrowd's CEO Dave Gerry and founder and Chief Strategy Officer, Casey Ellis outline Bugcrowd's vision for the future and plans for growth and expansion throughout the Asia Pacific region in 2024/5 and beyond.Dave Gerry has been in the AppSec market for nearly a decade and has held key leadership positions within several cybersecurity companies such as WhiteHat Security, Veracode, Sumo Logic, and The Herjavec Group. Dave is passionate about building programs that are repeatable, scalable, and predictable, helping to drive customer business outcomes and technical value.Casey Ellis was originally a hacker before becoming an entrepreneur, pioneering crowdsourced cybersecurity. He has advised the US Department of Defence, Australian and UK intelligence communities, plus US House and Senate legislative initiatives including pre-emptive protection of cyberspace ahead of the 2020 presidential elections.To join the series visit https://mysecuritymarketplace.com/bugcrowd-register-to-access/#bugcrowd #mysecuritytv
カスペルスキーは、「Disclose.ioと共に信頼関係の構築を」と題するブログを公開した。「Disclose.io」はBugcrowdのプロジェクトで、脆弱性の発見に携わる組織やリサーチャーの保護を目的とするもの。
Michael Mann's 1995 thriller Heat is considered by many people to be the best crime movie ever made. And hidden inside the intricate plot is a story of a lone hacker with a background at DARPA who uses his skills to set up scores for the crews in LA's underworld. Meg Gardiner, the co-author of Heat 2, and Casey Ellis, cofounder of Bugcrowd, join Dennis Fisher to dig into the technological and psychological details of this modern masterpiece. This is Deciphering Heat.Check out Meg's newest thriller, Shadowheart.
"Identity security has been around forever though", you might be thinking. Allow me to clarify. Identity is the largest cybersecurity product category, but most of it is focused on identity governance, authentication, multi-factor, etc. Very little of it is focused on operational identity security. It's this trend, where we recently (within the last 2 years) started seeing the ITDR (Identity Threat Detection and Response) acronym that we'll be focused on today. Particularly: Why is this trend/spike occurring now? What was or is missing to do identity security properly? What does the future of securing identity look like? And it's difficult to do better for this conversation than Will Lin. He spent the last half decade as a VC. On a daily basis, he was looking at the big picture of cybersecurity markets and trends. He discussed security challenges with CISOs and other security buyers on a regular basis, both directly and through the Security Tinkerers community he founded. All this led to a decision to quit the VC world to become a founder himself. Of all the categories he could have chosen, he chose identity security, and that's why we're happy to have him for this conversation. Segment Resources: The Future of Identity AKA Identity promo video focused on the future of Identity We start off discussing the latest round of fundings, centered largely around data security and securing LLM use. This dovetails into a discussion about marketing language and how difficult it can be for buyers to work out what the latest round of early stage startups are doing. Next, we discuss Cloudflare and Bugcrowd's acquisitions, as well as Synopsys's divestiture of its appsec portfolio. From here, we dive into a raft of new features across both IT and cybersecurity products, like Azure, Dashlane, LastPass, and PagerDuty. Discussing Huntress's active remediation feature triggers a conversation about this latest product trend: vendors seem to think buyers are ready for fully automated remediation actions. We're not so sure they are. To wrap up the cybersecurity coverage, Brandon Dixon has an interesting tutorial regarding a Security Copilot use case that looks a LOT like the default phishing enrichment use case that has been used for every SOAR POC ever. To clarify, this is a great piece in that it is all practical, has no marketing fluff, and shows you how to do something useful with Security Copilot. Where it pulls up short is managing to live up to the hype we've been hearing about Security Copilot from day one. We agree to table the discussion on Microsoft Recall until we know more about what GA of the feature will look like, and then dig into a VERY interesting squirrel story about an audio-based hacking puzzle created by a rock band. The interview will delve into the healthcare industry's tumultuous year in 2023, marked by 124 million breached health records across 725 hacking incidents (according to The HIPAA Journal). This interview will explore the critical role that MSSPs play in safeguarding health data and systems against potential security incidents, such as ransomware and business email compromise attacks. Jim Broome will share how to proactively prepare for an incident - including establishing a comprehensive incident response plan, outlining strategies for containment, restoration, and ongoing security operations, and how an MSSP can help. Segment Resources: Tales from the Road Blog: An External Pen Test at a Healthcare Organization Reveals the Dangers of the Dark Web - https://www.directdefense.com/tales-from-the-road-an-external-pen-test-reveals-the-dangers-of-the-dark-web/ 2023 Security Operations Threat Report: https://go.directdefense.com/2023-Security-Operations-Threat-Report This segment is sponsored by DirectDefense. Visit https://securityweekly.com/directdefensersac to learn more about them! In the dynamic landscape of cybersecurity, the urgency to eliminate passwords as a security vulnerability has never been more critical. Organizations are continuing to face a surge in the variety and complexity of cyber threats at historical rates, often fueled by compromised employee login credentials – resulting from attacks such as phishing which has been exacerbated by the rise in use of Artificial Intelligence (AI). The 2023 Verizon Data Breach Investigations Report underscores the staggering impact of breaches caused by stolen credentials, accounting for a staggering 74% of incidents. Christopher Harrell, Yubico's Chief Technology Officer, shares how organizations can achieve passwordless authentication at scale with high assurance phishing-resistant multi-factor authentication (MFA) to elevate their security posture against phishing attacks while creating phishing-resistant users. Segment Resources: https://www.yubico.com/blog/empowering-enterprise-security-at-scale-with-new-product-innovations-yubikey-5-7-and-yubico-authenticator-7/ https://www.yubico.com/press-releases/yubicos-key-product-innovations-empower-enterprise-security-and-phishing-resistant-passwordless-authentication-at-scale/ This segment is sponsored by Yubico. Visit https://securityweekly.com/yubicorsac to learn more about them! In this podcast segment, we delve into Sophos' fifth annual State of Ransomware report, exploring significant findings and trends in the evolving ransomware landscape. We'll discuss the sharp increase in recovery costs, the strategic targeting of backups by hackers, and the evolving role of cyber insurance in ransom payments. Our discussion will provide insights into how organizations can adapt their cybersecurity measures to mitigate these heightened threats and recover more effectively from attacks. Segment Resources: Blog: The State of Ransomware 2024 Report: https://assets.sophos.com/X24WTUEQ/at/9brgj5n44hqvgsp5f5bqcps/sophos-state-of-ransomware-2024-wp.pdf Press release: Ransomware Payments Increase 500% In the Last Year, Finds Sophos State of Ransomware Report This segment is sponsored by Sophos. Visit https://www.securityweekly.com/sophosrsac to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-364
We start off discussing the latest round of fundings, centered largely around data security and securing LLM use. This dovetails into a discussion about marketing language and how difficult it can be for buyers to work out what the latest round of early stage startups are doing. Next, we discuss Cloudflare and Bugcrowd's acquisitions, as well as Synopsys's divestiture of its appsec portfolio. From here, we dive into a raft of new features across both IT and cybersecurity products, like Azure, Dashlane, LastPass, and PagerDuty. Discussing Huntress's active remediation feature triggers a conversation about this latest product trend: vendors seem to think buyers are ready for fully automated remediation actions. We're not so sure they are. To wrap up the cybersecurity coverage, Brandon Dixon has an interesting tutorial regarding a Security Copilot use case that looks a LOT like the default phishing enrichment use case that has been used for every SOAR POC ever. To clarify, this is a great piece in that it is all practical, has no marketing fluff, and shows you how to do something useful with Security Copilot. Where it pulls up short is managing to live up to the hype we've been hearing about Security Copilot from day one. We agree to table the discussion on Microsoft Recall until we know more about what GA of the feature will look like, and then dig into a VERY interesting squirrel story about an audio-based hacking puzzle created by a rock band. Show Notes: https://securityweekly.com/esw-364
We start off discussing the latest round of fundings, centered largely around data security and securing LLM use. This dovetails into a discussion about marketing language and how difficult it can be for buyers to work out what the latest round of early stage startups are doing. Next, we discuss Cloudflare and Bugcrowd's acquisitions, as well as Synopsys's divestiture of its appsec portfolio. From here, we dive into a raft of new features across both IT and cybersecurity products, like Azure, Dashlane, LastPass, and PagerDuty. Discussing Huntress's active remediation feature triggers a conversation about this latest product trend: vendors seem to think buyers are ready for fully automated remediation actions. We're not so sure they are. To wrap up the cybersecurity coverage, Brandon Dixon has an interesting tutorial regarding a Security Copilot use case that looks a LOT like the default phishing enrichment use case that has been used for every SOAR POC ever. To clarify, this is a great piece in that it is all practical, has no marketing fluff, and shows you how to do something useful with Security Copilot. Where it pulls up short is managing to live up to the hype we've been hearing about Security Copilot from day one. We agree to table the discussion on Microsoft Recall until we know more about what GA of the feature will look like, and then dig into a VERY interesting squirrel story about an audio-based hacking puzzle created by a rock band. Show Notes: https://securityweekly.com/esw-364
"Identity security has been around forever though", you might be thinking. Allow me to clarify. Identity is the largest cybersecurity product category, but most of it is focused on identity governance, authentication, multi-factor, etc. Very little of it is focused on operational identity security. It's this trend, where we recently (within the last 2 years) started seeing the ITDR (Identity Threat Detection and Response) acronym that we'll be focused on today. Particularly: Why is this trend/spike occurring now? What was or is missing to do identity security properly? What does the future of securing identity look like? And it's difficult to do better for this conversation than Will Lin. He spent the last half decade as a VC. On a daily basis, he was looking at the big picture of cybersecurity markets and trends. He discussed security challenges with CISOs and other security buyers on a regular basis, both directly and through the Security Tinkerers community he founded. All this led to a decision to quit the VC world to become a founder himself. Of all the categories he could have chosen, he chose identity security, and that's why we're happy to have him for this conversation. Segment Resources: The Future of Identity AKA Identity promo video focused on the future of Identity We start off discussing the latest round of fundings, centered largely around data security and securing LLM use. This dovetails into a discussion about marketing language and how difficult it can be for buyers to work out what the latest round of early stage startups are doing. Next, we discuss Cloudflare and Bugcrowd's acquisitions, as well as Synopsys's divestiture of its appsec portfolio. From here, we dive into a raft of new features across both IT and cybersecurity products, like Azure, Dashlane, LastPass, and PagerDuty. Discussing Huntress's active remediation feature triggers a conversation about this latest product trend: vendors seem to think buyers are ready for fully automated remediation actions. We're not so sure they are. To wrap up the cybersecurity coverage, Brandon Dixon has an interesting tutorial regarding a Security Copilot use case that looks a LOT like the default phishing enrichment use case that has been used for every SOAR POC ever. To clarify, this is a great piece in that it is all practical, has no marketing fluff, and shows you how to do something useful with Security Copilot. Where it pulls up short is managing to live up to the hype we've been hearing about Security Copilot from day one. We agree to table the discussion on Microsoft Recall until we know more about what GA of the feature will look like, and then dig into a VERY interesting squirrel story about an audio-based hacking puzzle created by a rock band. The interview will delve into the healthcare industry's tumultuous year in 2023, marked by 124 million breached health records across 725 hacking incidents (according to The HIPAA Journal). This interview will explore the critical role that MSSPs play in safeguarding health data and systems against potential security incidents, such as ransomware and business email compromise attacks. Jim Broome will share how to proactively prepare for an incident - including establishing a comprehensive incident response plan, outlining strategies for containment, restoration, and ongoing security operations, and how an MSSP can help. Segment Resources: Tales from the Road Blog: An External Pen Test at a Healthcare Organization Reveals the Dangers of the Dark Web - https://www.directdefense.com/tales-from-the-road-an-external-pen-test-reveals-the-dangers-of-the-dark-web/ 2023 Security Operations Threat Report: https://go.directdefense.com/2023-Security-Operations-Threat-Report This segment is sponsored by DirectDefense. Visit https://securityweekly.com/directdefensersac to learn more about them! In the dynamic landscape of cybersecurity, the urgency to eliminate passwords as a security vulnerability has never been more critical. Organizations are continuing to face a surge in the variety and complexity of cyber threats at historical rates, often fueled by compromised employee login credentials – resulting from attacks such as phishing which has been exacerbated by the rise in use of Artificial Intelligence (AI). The 2023 Verizon Data Breach Investigations Report underscores the staggering impact of breaches caused by stolen credentials, accounting for a staggering 74% of incidents. Christopher Harrell, Yubico's Chief Technology Officer, shares how organizations can achieve passwordless authentication at scale with high assurance phishing-resistant multi-factor authentication (MFA) to elevate their security posture against phishing attacks while creating phishing-resistant users. Segment Resources: https://www.yubico.com/blog/empowering-enterprise-security-at-scale-with-new-product-innovations-yubikey-5-7-and-yubico-authenticator-7/ https://www.yubico.com/press-releases/yubicos-key-product-innovations-empower-enterprise-security-and-phishing-resistant-passwordless-authentication-at-scale/ This segment is sponsored by Yubico. Visit https://securityweekly.com/yubicorsac to learn more about them! In this podcast segment, we delve into Sophos' fifth annual State of Ransomware report, exploring significant findings and trends in the evolving ransomware landscape. We'll discuss the sharp increase in recovery costs, the strategic targeting of backups by hackers, and the evolving role of cyber insurance in ransom payments. Our discussion will provide insights into how organizations can adapt their cybersecurity measures to mitigate these heightened threats and recover more effectively from attacks. Segment Resources: Blog: The State of Ransomware 2024 Report: https://assets.sophos.com/X24WTUEQ/at/9brgj5n44hqvgsp5f5bqcps/sophos-state-of-ransomware-2024-wp.pdf Press release: Ransomware Payments Increase 500% In the Last Year, Finds Sophos State of Ransomware Report This segment is sponsored by Sophos. Visit https://www.securityweekly.com/sophosrsac to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-364
On the heels of raising $102 million earlier this year, Bugcrowd is making good on its promise to use some of that funding to make acquisitions to strengthen its security chops. Learn more about your ad choices. Visit podcastchoices.com/adchoices
Episode Webpage with all the charts : https://go.tribeglobal.vc/podcast/episode-39-tribe-talkin-ep-29-canva-cfo In todays episode of Tribe Talkin': Canva's CFO Damien Singh resigns: Tegan Jones of Smart Company first article. Bronwen Clune of Capital Brief first article. Tess Bennett and Jessica Sier of AFR article. Tegan Jones of Smart Company second article. Bronwen Clune of Capital Brief second article. Jessica Sier and Paul Smith of AFR article. David Swan of SMH article. Bronwen Clune of Capital Brief Toxic Positivity. Lucy Wark LinkedIn post. Ansarada acquired for $263 Million. Altium take over offer from Japan's Renesas. Haris Qureshi provides a great tech summary Three Aussie startups that raised $198.4 million this week: Bugcrowd: $156 million. Diraq: $23 million. Marqo: $19.4 million. Fat Zebra (undisclosed). Gilmore Space raises $55 million. Zuck not going down without a fight with Apple's new Vision Pro. Interesting medical use cases for Vision Pro . Zuck may be missing the point. AI boom continues: OpenAI Sora. Google upgraded Gemini. Nvidia releasing Chat with RTX. Where is this all heading? Michael Jackson provides a summary of the "AI is like Water" article by Morgan Beller. Taylor Swift provides some lessons in a world of falls 20%. Nvida has big shoes to fill from a valuation point of view. Markets are melting up. - Listener feedback which we very much appreciate Hello@tribeglobal.vc
Bugcrowd — the startup that taps into a database of half a million hackers to help organizations like OpenAI and the U.S. government set up and run bug bounty programs, cash rewards to freelancers who can identify bugs and vulnerabilities in their code — has picked up a big cash award. Learn more about your ad choices. Visit megaphone.fm/adchoices
This morning we have an interesting mix of stories, which bring technology, politics and AI together in interesting ways. To work:Stocks: It's another big week for earnings, including Hubspot, Instacart, Monday.com, and Cisco. We should learn a lot about the state of software and hardware sales as last year ended, and what some critical tech names see for the rest of the year.Crypto: Prices are up in the crypto world over the last week. Coinbase reports this week as well, which should give us a feel for how optimistic the leading North American crypto company is feeling.Waymo: Some folks set fire to a Waymo car in San Francisco. Which is so goddamned dumb that I would pull my hair out if I had any.Bugcrowd: A $102 million round? You love to see it. Mega-rounds have become less common in recent quarters, so when bug-bounty-focused Bugcrowd put together just such a round, we had to talk about it.AI field trips: No matter where you are founded, you are going to need to keep tabs on the AI work going on in Silicon Valley.We are back on Wednesday morning at the latest!For episode transcripts and more, head to Equity's Simplecast website.Equity drops at 7 a.m. PT every Monday, Wednesday and Friday, so subscribe to us on Apple Podcasts, Overcast, Spotify and all the casts. TechCrunch also has a great show on crypto, a show that interviews founders and more! Credits: Equity is hosted by TechCrunch's Alex Wilhelm and Mary Ann Azevedo. We are produced by Theresa Loconsolo with editing by Kell. Bryce Durbin is our Illustrator. We'd also like to thank the audience development team and Henry Pickavet, who manages TechCrunch audio products.
In the latest Decipher Memory Safe episode, Casey Ellis, founder and CTO of Bugcrowd, talks about everything from imposter syndrome to the security concept of “building it like it's broken.”
In this episode, Dr. Stacy Thayer talks with Casey Ellis about the motivations behind bug bounties, what makes a good bug bounty hunter, and why someone would choose to participate in a bug bounty program.
In this Special Edition episode from Hunters and Unicorns, we're treated to an engaging chat with Casey Ellis (Founder) and Dave Gerry (CEO) from the innovative cybersecurity company Bugcrowd. Casey, the pioneering brain behind Bugcrowd, takes us from his days of cracking codes to building a platform that empowers the good-guy hackers. Dave brings his rich tapestry of cybersecurity experiences to the table, painting a picture of how his past roles carved the path to his CEO position. The duo dive into the story of how Bugcrowd transitioned from its founder-focused roots to a broader leadership horizon, unpacking the wins and hurdles of growing a company. Their camaraderie is a testament to how trust, respect, and diverse strengths can forge a strong leadership bond. They also peel back the curtain on the art of cybersecurity sales, shedding light on the intricate dance of pitching to top security chiefs and the journey from the sales floor to the corner office. Both Casey and Dave are champions for cultivating a team spirit and a culture where everyone pulls together. Looking ahead, Bugcrowd's blueprint is all about upscaling the business, pushing the growth pedal to the metal, and branching out into untapped territories—all while honing their message to showcase their full suite of cyber-defenses beyond just bug bounties. It's clear that for Bugcrowd, the future's not just bright; it's groundbreaking.
Get Proton Mail for FREE: https://davidbombal.wiki/protonmail2 Big thanks to Proton for Sponsoring the video! This is an amazing collection of books and resources - both free and paid. Big thanks to Jason Haddix for sharing his knowledge to help us learn in 2024! // Books and Resources // Web application hacker's handbook: https://amzn.to/48sUNYb Web security academy, Port Swigger: https://portswigger.net/web-security OWASP Web Security Testing Guide: https://owasp.org/www-project-web-sec... Web Security Testing Guide Ellie Saad and Rick Mitchell v4.2: https://owasp.org/www-project-web-sec... Real world bug hunting: https://amzn.to/3TK1mSd Bug Bounty Bootcamp: https://amzn.to/41DW38B Red Team Field Manual: https://amzn.to/48ul0pl Red Team Development and Operations: A practical guide: https://amzn.to/3vez1Jl Operator Handbook: Red Team + OSINT + Blue Team Reference: https://amzn.to/3vemAgC Tribe of Hackers Red Team: https://amzn.to/47ef8zv The Pentester Blueprint: https://amzn.to/3tvA8E6 OSINT Techniques: Resources for uncovering online information: https://amzn.to/3S6xw9j Evading EDR: https://amzn.to/3toESeL Attacking Network Protocols: https://amzn.to/3TEFvv7 Black Hat GraphQL: https://amzn.to/47gHl8C Hacking API's: https://amzn.to/3TzS0Z5 APISEC University: https://www.apisecuniversity.com/ Black Hat Go: https://amzn.to/3RXV13W Black Hat Python: https://amzn.to/3NHFnHo Black Hat Bash: https://nostarch.com/black-hat-bash Zseano's methodology: https://www.bugbountyhunter.com/metho... Breaking into information security: https://amzn.to/3TI4n5h Expanding your security horizons: https://amzn.to/3GU07Iq Wiki Book Pentest living document: https://github.com/nixawk/pentest-wik... HackTRICKS: https://book.hacktricks.xyz/welcome/r... Fuzzing lists: https://github.com/secfigo/Awesome-Fu... Sec Lists: https://github.com/danielmiessler/Sec... Payloads all the things: https://github.com/swisskyrepo/Payloa... Pentester Lab: https://pentesterlab.com/ Try Hack Me: Red Team Fundamentals: https://tryhackme.com/module/red-team... HTB Academy: https://academy.hackthebox.com/ Hacktivity: https://hackerone.com/hacktivity/over... Vulnerable U: https://vulnu.mattjay.com/ Grzegorz Niedziela: https://members.bugbountyexplained.co... Or https://www.youtube.com/c/BugBountyRe... Sharing what matters in security: https://securib.ee/newsletter/ Intigriti: https://www.intigriti.com/ tl;dr sec: https://tldrsec.com/ Unsupervised learning: https://danielmiessler.com/subscribe Pentest Book: https://pentestbook.six2dez.com/ Bugcrowd: https://bugcrowd.com/crowdstream Trickest: https://trickest.com/ // Jason Haddix SOCIAL // Youtube: https://www.youtube.com/c/jhaddix LinkedIn: https://www.linkedin.com/in/jhaddix Twitter: https://twitter.com/Jhaddix Github: https://github.com/jhaddix Boddobot: https://buddobot.com/ The Bug Hunters Methodology Live: https://tbhmlive.com/56 // David's SOCIAL // Discord: https://discord.com/invite/usKSyzb X / Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/@davidbombal // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com hacking books hack python linux Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! #hacking #hack #cybersecurity
Unleashing the Power of Crowdsourced Cybersecurity: A Conversation with Casey Ellis, Founder of Bugcrowd ️Meet Casey Ellis, the visionary entrepreneur who has redefined the landscape of cybersecurity through the groundbreaking platform he built – Bugcrowd. As the Founder and Chief Technology Officer of Bugcrowd, Casey Ellis has not only revolutionized the way organizations approach cybersecurity but has also championed the concept of crowdsourced security testing. With an innate passion for hacking and a deep understanding of the evolving threat landscape, Casey embarked on a mission to democratize cybersecurity. In our upcoming podcast interview, delve into the dynamic journey of a self-proclaimed hacker turned cybersecurity pioneer. Casey's brainchild, Bugcrowd, serves as a global community of ethical hackers and security professionals who collaborate to uncover and address vulnerabilities in digital systems. Learn how this innovative approach has empowered organizations across industries to proactively secure their digital assets, embracing the power of the collective in the fight against cyber threats. A trailblazer in the cybersecurity space, Casey Ellis brings a unique perspective to the podcast as he shares insights on the challenges and triumphs of building Bugcrowd from the ground up. Explore the intersections of technology, security, and community-driven solutions with a leader who has not only disrupted the status quo but has also fostered a culture of continuous improvement and collaboration. Join us for a riveting conversation as we uncover the secrets behind Bugcrowd's success, the evolving role of ethical hacking in today's digital landscape, and Casey's vision for a more secure and interconnected future. Whether you're a cybersecurity enthusiast, a tech aficionado, or simply curious about the forces shaping our digital world, this podcast episode with Casey Ellis is a must-listen. Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/vault-psw-7
Unleashing the Power of Crowdsourced Cybersecurity: A Conversation with Casey Ellis, Founder of Bugcrowd ️Meet Casey Ellis, the visionary entrepreneur who has redefined the landscape of cybersecurity through the groundbreaking platform he built – Bugcrowd. As the Founder and Chief Technology Officer of Bugcrowd, Casey Ellis has not only revolutionized the way organizations approach cybersecurity but has also championed the concept of crowdsourced security testing. With an innate passion for hacking and a deep understanding of the evolving threat landscape, Casey embarked on a mission to democratize cybersecurity. In our upcoming podcast interview, delve into the dynamic journey of a self-proclaimed hacker turned cybersecurity pioneer. Casey's brainchild, Bugcrowd, serves as a global community of ethical hackers and security professionals who collaborate to uncover and address vulnerabilities in digital systems. Learn how this innovative approach has empowered organizations across industries to proactively secure their digital assets, embracing the power of the collective in the fight against cyber threats. A trailblazer in the cybersecurity space, Casey Ellis brings a unique perspective to the podcast as he shares insights on the challenges and triumphs of building Bugcrowd from the ground up. Explore the intersections of technology, security, and community-driven solutions with a leader who has not only disrupted the status quo but has also fostered a culture of continuous improvement and collaboration. Join us for a riveting conversation as we uncover the secrets behind Bugcrowd's success, the evolving role of ethical hacking in today's digital landscape, and Casey's vision for a more secure and interconnected future. Whether you're a cybersecurity enthusiast, a tech aficionado, or simply curious about the forces shaping our digital world, this podcast episode with Casey Ellis is a must-listen. Show Notes: https://securityweekly.com/vault-psw-7
Unleashing the Power of Crowdsourced Cybersecurity: A Conversation with Casey Ellis, Founder of Bugcrowd ️Meet Casey Ellis, the visionary entrepreneur who has redefined the landscape of cybersecurity through the groundbreaking platform he built – Bugcrowd. As the Founder and Chief Technology Officer of Bugcrowd, Casey Ellis has not only revolutionized the way organizations approach cybersecurity but has also championed the concept of crowdsourced security testing. With an innate passion for hacking and a deep understanding of the evolving threat landscape, Casey embarked on a mission to democratize cybersecurity. In our upcoming podcast interview, delve into the dynamic journey of a self-proclaimed hacker turned cybersecurity pioneer. Casey's brainchild, Bugcrowd, serves as a global community of ethical hackers and security professionals who collaborate to uncover and address vulnerabilities in digital systems. Learn how this innovative approach has empowered organizations across industries to proactively secure their digital assets, embracing the power of the collective in the fight against cyber threats. A trailblazer in the cybersecurity space, Casey Ellis brings a unique perspective to the podcast as he shares insights on the challenges and triumphs of building Bugcrowd from the ground up. Explore the intersections of technology, security, and community-driven solutions with a leader who has not only disrupted the status quo but has also fostered a culture of continuous improvement and collaboration. Join us for a riveting conversation as we uncover the secrets behind Bugcrowd's success, the evolving role of ethical hacking in today's digital landscape, and Casey's vision for a more secure and interconnected future. Whether you're a cybersecurity enthusiast, a tech aficionado, or simply curious about the forces shaping our digital world, this podcast episode with Casey Ellis is a must-listen. Visit https://www.securityweekly.com/psw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/vault-psw-7
Unleashing the Power of Crowdsourced Cybersecurity: A Conversation with Casey Ellis, Founder of Bugcrowd ️Meet Casey Ellis, the visionary entrepreneur who has redefined the landscape of cybersecurity through the groundbreaking platform he built – Bugcrowd. As the Founder and Chief Technology Officer of Bugcrowd, Casey Ellis has not only revolutionized the way organizations approach cybersecurity but has also championed the concept of crowdsourced security testing. With an innate passion for hacking and a deep understanding of the evolving threat landscape, Casey embarked on a mission to democratize cybersecurity. In our upcoming podcast interview, delve into the dynamic journey of a self-proclaimed hacker turned cybersecurity pioneer. Casey's brainchild, Bugcrowd, serves as a global community of ethical hackers and security professionals who collaborate to uncover and address vulnerabilities in digital systems. Learn how this innovative approach has empowered organizations across industries to proactively secure their digital assets, embracing the power of the collective in the fight against cyber threats. A trailblazer in the cybersecurity space, Casey Ellis brings a unique perspective to the podcast as he shares insights on the challenges and triumphs of building Bugcrowd from the ground up. Explore the intersections of technology, security, and community-driven solutions with a leader who has not only disrupted the status quo but has also fostered a culture of continuous improvement and collaboration. Join us for a riveting conversation as we uncover the secrets behind Bugcrowd's success, the evolving role of ethical hacking in today's digital landscape, and Casey's vision for a more secure and interconnected future. Whether you're a cybersecurity enthusiast, a tech aficionado, or simply curious about the forces shaping our digital world, this podcast episode with Casey Ellis is a must-listen. Show Notes: https://securityweekly.com/vault-psw-7
In this episode of The Cybersecurity Defenders Podcast, we recount some hacker history, and with the help of Casey Ellis, Founder and CSO at Bugcrowd, tell the story of the largest critical infrastructure ransomware attacks in history: The Colonial PipelineOn May 7, 2021, Colonial Pipeline, an American oil pipeline system that originates in Houston, Texas, and carries gasoline and jet fuel mainly to the Southeastern United States, suffered a ransomware cyberattack that impacted computerized equipment managing the pipeline. The Colonial Pipeline Company halted all pipeline operations to contain the attack. Overseen by the FBI, the company paid the amount that was asked by the hacker group (75 bitcoin or $4.4 million USD) within several hours; upon receipt of the ransom, an IT tool was provided to the Colonial Pipeline Company by DarkSide to restore the system. However, the tool required a very long processing time to restore the system to a working state.This episode was written by the talented Nathaniel Nelson.Casey Ellis can be found on LinkedIn here.
We speak with Bugcrowd CEO Dave Gerry in Sydney as he visits Australia to meet with partners and customers. Bugcrowd, a multi-solution crowdsourced cybersecurity platform, has also announced significant global customer momentum, highlighting the market need for Bugcrowd's crowdsourced cybersecurity platform. The company's rapidly growing customer base includes top brands such as ExpressVPN, Rapyd and T-Mobile, which have chosen to partner with Bugcrowd for one or more of its Bug Bounty, Penetration Testing and Vulnerability Disclosure Programs. Serving nearly a thousand organizations worldwide, Bugcrowd empowers customers and hackers to unleash their ingenuity to protect brands and intellectual property. The company drove over 50% growth in payments to the hacker community through customer programs, amplifying a pivotal time of remarkable growth and innovation for the Bugcrowd Platform. ExpressVPN, an industry-leading privacy and security company, chose Bugcrowd for its world-class team of hackers that had skills expertly matched to their unique scope. The company's goal is to allow users to take control of their internet experience – with privacy and security at its core – and Bugcrowd makes this possible by streamlining the reporting, remediation, reward and disclosure processes of a public bug bounty program. ExpressVPN has been harnessing Bugcrowd's powerful and highly-scalable Vulnerability Disclosure and Bug Bounty programs to protect their data and customers for over three years.Bugcrowd's latest customers include U.K.-based fintech company Rapyd, who chose Bugcrowd for its ability to support organizations around the globe in scaling their security programs to meet rapid organizational growth. During a time of major acquisitions and the need for more focused API testing, the 500+ Rapyd team transitioned to Bugcrowd in order to leverage the company's highly specialized team of hackers that fit their exact needs. Bugcrowd's CrowdMatch technology, which enables precise crowd matching, allows organizations to connect with the right hackers for Rapyd's needs. In one year, the team found 40 total vulnerabilities, 15 of which were critical. Top customers also include T-Mobile, the U.S.' leader in 5G with the largest, fastest and most awarded 5G network in the country. T-Mobile and Bugcrowd launched a revamped public bug bounty platform to invite hackers to find vulnerabilities in T-Mobile's applications and websites. T-Mobile evaluates the reported vulnerabilities and takes appropriate action. Recorded 10 October, 2023. #mysecuritytv #cybersecurity #pentesting #bugbounty #bugcrowd
Casey Ellis is Founder/Chair/CTO of Bugcrowd, a Crowdsourced Cybersecurity Platform. Bugcrowd recently released “Inside the Mind of a Hacker 2023”, an interesting report that provides insights into the motivations, challenges, and specializations of hackers, as well as security implications of AI.Subscribe to the Gradient Flow Newsletter: https://gradientflow.substack.com/Subscribe: Apple • Spotify • Overcast • Google • AntennaPod • Podcast Addict • Amazon • RSS.Detailed show notes can be found on The Data Exchange web site.
Today's episode takes us to Las Vegas, Nevada, where I had the pleasure of meeting up with Casey Ellis during the Blackhat security conference. A pioneer in information security, Casey opens up about how he ventured into the realm of bug bounties and went on to create BugCrowd, the first crowdsourced vulnerability assessment company. From detailing the inception of BugCrowd to explaining how it altered the economics of finding bugs, Casey provides an insightful look into the ever-evolving landscape of information security. Our conversation goes beyond just bug bounties. We delve into the nitty-gritty of the industry's reaction to BugCrowd, explore the changing market dynamics in Infosec, and discuss the role of AI and its fragility in security. Casey also shares his personal experiences with entrepreneurship, mentoring, and his perspective on vulnerability in both the digital and physical world. Join us for this enlightening conversation with Casey Ellis, where tech meets entrepreneurship in a world brimming with secrets and discoveries.
The latest in cybersecurity: VMware, Fortinet, Apple, CISA KEV, Muddled Libra, PindOS, RateForce, Wilton Re, Barefoot Contessa, Peter Mark, OpenAI Bug Bounty.
In episode 78 of the We Hack Purple Podcast host Tanya Janca brings Jason Haddix on to talk about artificial intelligence, and (of course) how to hack it! Jason discussed how to use AI for both defense and offence, using plain language (conversational), rather than code, and what a red teaming exercise looks for such a system. We talked about what a large language model looks like, cleaning up data, and how easy it is to get them to do bad things. Jason invited everyone to the AI Village at Def Con this year, and so much more! There was also much love for Daniel Miessler, his articles on AI, and his newsletter Unsupervised Learning (https://danielmiessler.com/newsletter/). Listen to hear the whole thing!Jason Haddix AKA jhaddix is the CISO and “Hacker in Charge” at BuddoBot, a world-class adversary emulation and red teaming consultancy. He's had a distinguished 18-year career in cybersecurity previously serving as the CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis. Jason is a hacker, bug hunter and currently ranked 51st all-time on Bugcrowd's bug bounty leaderboards. Currently, he specializes in recon, web application analysis, and emerging technologies. Jason Links! https://buddobot.com/https://twitter.com/BuddoBothttps://www.linkedin.com/company/buddobot/mycompany/https://twitter.com/Jhaddixhttps://www.jhaddix.com/https://www.linkedin.com/in/jhaddix/ Jason's Newsletter: https://executiveoffense.beehiiv.com/ Jason's training happening in July: https://tbhmlive.com/ Very special thanks to our sponsor!Semgrep Supply Chain's reachability analysis lets you ignore the 98% of false positives in open source vulnerabilities and quickly find and fix the 2% of issues that are actually reachable. Get Your Free Trial Here! Semgrep also makes a ludicrously fast static analysis tool They have a free and paid version of this tool, which uses an open-source engine, and offers additional community created ruleset! Check out Semgrep Code HERE Join We Hack Purple!Check out our brand new courses in We Hack Purple Academy (https://academy.wehackpurple.com/). Join us in the We Hack Purple Community (https://community.wehackpurple.com/): A fun and safe place to learn and share your knowledge with other professionals in the field. Subscribe to
In episode we learn about how Farah got started with cybersecurity while she comes from media background. She talks about how she's passionate about content creation in cybersecurity. She also talks about some of the latest trends she sees in infosec and definetly has advice for folks starting out in the industry. Tune in to this episode to learn more about her journey. Speaker Intro Farah started her journey in cybersecurity 3 years ago while she was working on her media degree in Mumbai. After working a few internships and a full-time gig at Bugcrowd, she recently joined Meta and will be a part of their bug bounty team managing their Whitehat program. In her free time, she is also a part-time bug bounty hunter and cybersecurity content creator on various social media platforms. You can reach out to her on Twitter - @Farah_Hawaa LinkedIn - https://www.linkedin.com/in/farah-hawa-a012b8162/ Instagram - farah_hawaa Youtube - https://www.youtube.com/@FarahHawa Day of Shecurity youtube link - https://www.youtube.com/c/DayofShecurity Follow "Stories of Infosec Journeys" podcast on LinkedIn - Stories of Infosec Journeys Twitter - @InfosecJourneys Instagram & Facebook - @storiesofinfosecjourneys Kindly rate the podcast on Spotify and leave a review on Apple podcast.
Future Squared with Steve Glaveski - Helping You Navigate a Brave New World
Niki Scevak is co-founder of Startmate, and founder and partner at Blackbird VC, Australia's largest venture capital fund, with its 5th fund having raised AUD$1B (US$640M). Blackbird was an early investor in Canva, SafetyCulture, CultureAmp, BugCrowd, RedBubble, and many more, and has to date generated a net internal rate of return of 56%. Niki joined me today to discuss: His life before Blackbird Successfully raising his first fund back in 2012, without having a network or any startup successes of his own Getting beyond the trough of disillusionment How Australian superannuation funds are opening their wallets to VC Scaling culture Generating deal flow Advice for founders and budding VCs on raising capital in a down market The AI investment landscape The battle between AI-powered indie hackers and venture-backed startups Whether sophisticated investor rules preventing retail investors from getting direct exposure to venture capital is just increasing the wealth gap Diversity, quotas, and Startmate's merit-based selection criteria And more. Show Notes: Email Niki: niki@blackbird.vc Web: www.blackbird.vc Twitter: https://twitter.com/nikiscevak?lang=en Contact Steve on Twitter at: https://twitter.com/steveglaveski Email Steve: hello@steveglaveski.com
Casey Ellis is the CEO of Bugcrowd, a platform that connects users with digital locksmiths/hackers to help solve their problems, they also offer task service management and security consulting. Casey has 18 years of experience in the security space and has supported every type of client from small start-ups to large national corporations. Casey and Ryan have an in-depth conversation around AI and Security and Casey also talks about Bugcrowd's interesting combination business model, talks about marketing virality and reveals why his company were a chosen partner by open AI to try and penetrate AI as an open-source programme. KEY TAKEAWAYS Bugcrowd uses a traditional SaaS business model alongside operating a marketplace too. Bugcrowd uses a combination of direct sales and channel marketing for its go-to-market strategy. The ethos behind Bugcrowd is that cybersecurity is a human problem and they focus on human creativity to solve it and then utilise technology to accelerate the solution. Having the ability to develop innovative tech as well as recognising and empathising with the human component uniquely placed Casey to build a solution like Bugcrowd. If you are looking at putting all of your eggs in one basket with one platform, make sure you have a great relationship with them. Viral marketing starts by creating value, initial value is what will engage people and want them to share. Being in the cybersecurity space for a considerable amount of time and building up a good reputation for doing what they do well, means Bugcrowd and its team often get approached for testing new tech. Casey believes having the goal and conviction around what you are looking to achieve in business is a better motivator than money. BEST MOMENTS “Cybersecurity is a human problem technology just makes it go faster” “Don't be valuable create value” “When new stuff comes out, we get a phonecall” “There's a trust in us as an organisation” “I wanna see the production of wealth actually being the product of something I've set out to solve” Do You Want The Closing Secrets That Helped Close Over $125 Million in New Business for Free?" Grab them HERE: https://www.whalesellingsystem.com/closingsecrets Ryan Staley Founder and CEO Whale Boss 312-848-7443 ryan@whalesellingsystem.com www.ryanstaley.io EPISODE RESOURCES https://www.linkedin.com/in/caseyjohnellis/ ABOUT THE SHOW How do you grow like a VC-backed company without taking on investors? Do you want to create a lifestyle business, a performance business or an empire? How do you scale to an exit without losing your freedom?Join the host Ryan Staley every Monday and Wednesday for conversations with the brightest and best Founders, CEO and Entrepreneurs to crack the code on repeatable revenue growth, leadership, lifestyle freedom and mindset.This show has featured Startup and Billion Dollar Founders, Best Selling Authors, and the World's Top Sales and Marketing Experts like Terry Jones (Founder of Travelocity and Chairman of Kayak), Andrew Gazdecki (Founder of Micro Acquire), Harpal Sambhi (Founder of Magical with a previous exit to Linkedin) and many more. This is where Scaling and Sales are made simple in 25 minutes or less.Saas, Saas growth, Scale, Business Growth, B2b Saas, Saas Sales, Enterprise Saas, Business growth strategy, founder, ceo: https://www.whalesellingsystem.com/closingsecretsSee omnystudio.com/listener for privacy information.
Reducing risk when it comes to cybersecurity isn't easy, and oftentimes, it's a daunting task – but with Bugcrowd's modern, crowd-powered Pen Testing as a Service suite, it doesn't have to be. Learn more at https://bugcrowd.com
Casey Ellis, founder and CTO of Bugcrowd, joins Dennis Fisher to discuss the newly formed Hacking Policy Council, the challenges of influencing security research policy and legislation, and what the council hopes to achieve.
For this week's episode, Casey Ellis, founder and CTO of Bugcrowd and co-founder of the http://disclose.io project., joins us to explore the risks and rewards of AI technology, including concerns around the notorious Chat GPT chatbot. As the global race to AI supremacy intensifies, Casey shares his thoughts on AI in the workplace, as a cyber defense, and the future of regulation and the ethics around determining AI liability. Casey is the Chairman, Founder, and Chief Technology Officer of Bugcrowd, as well as the co-founder of The disclose.io Project. He is a 20-year veteran of information security who spent his childhood inventing things and generally getting technology to do things it isn't supposed to do. Casey pioneered the Crowdsourced Security as-a-Service model, launching the first bug bounty programs on the Bugcrowd platform in 2012, and co-founded the disclose.io vulnerability disclosure standardization project in 2014. Since then, he has personally advised the US Department of Defense and Department of Homeland Security/CISA, the Australian and UK intelligence communities, and various US House and Senate legislative cybersecurity initiatives, including preemptive cyberspace protection ahead of the 2020 Presidential Elections. Casey, a native of Sydney, Australia, is based in the San Francisco Bay Area with his wife and two children. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e219
We are joined by the Founder & Chair of Bugcrowd, Casey Ellis, to discuss where security research is today, where it is going, and many other aspects of how to think about securing systems.You'll learn:where security research is today, and where it is goingwhy businesses should be incentivized to secure systems (hint: not just because it's the right thing to do)how to think about security of open source systems________________________________GuestCasey EllisFounder, Chairman, and CTO of Bugcrowd [@Bugcrowd]On Twitter | https://twitter.com/caseyjohnellisOn LinkedIn | https://linkedin.com/in/caseyjohnellis________________________________HostTed HarringtonOn ITSPmagazine
When it comes to vulnerability disclosure, there can be a lot of unknowns. What is the first step in safely reporting? How can global bug bounty hunters better understand the specialized legalese in disclosure policies? Casey Ellis, Founder and CTO of Bugcrowd, addresses the importance of standardizing vulnerability disclosure policy language. Join in the de-villainization of ethical hackers and bug bounty hunters with Casey and the Cybrary team at Black Hat! Follow Cybrary on Social!! ~Twitter ~Instagram ~FaceBook ~YouTube ~LinkedIn
Traditional penetration testing has been a cornerstone of effective cybersecurity for decades, providing a vital baseline function for every security practice. But in the face of today's rapidly proliferating and diversifying cyberattacks, its consulting-heavy service delivery model is looking and feeling its age.Join us for a conversation with Justin Kestelyn as we take a unique journey into the past, present, and future of penetration testing. We get the opportunity to explore how the role of a pentest has evolved as part of a more extensive security program, how the tools have evolved, how the technique and skills have transformed, and how the human element is still crucial when outcomes matter more than just showing the results of a scan.It's time to re-imagine penetration testing. So let's do that together now.Have a listen.Note: This story contains promotional content. Learn more.GuestJustin KestelynHead Of Product Marketing at Bugcrowd [@Bugcrowd]On Twitter | https://twitter.com/kestelynOn Linkedin | https://www.linkedin.com/in/justinkestelyn/ResourcesBe sure to visit Bugcrowd at https://itspm.ag/itspbgcweb to learn more about their offering.eBook | See Security Differently™ Penetration Testing as a Service Done Right: https://itspm.ag/bugcro2ky8To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
Seth and Ken recap some of their experiences from LocoMocoSec, followed by a discussion on the recent Bugcrowd revelation that an employee attempted to re-submit reports for gain. A review of LaLuka's 60 RCEs in 60 minutes. Finally, thoughts on the recent Chinese data leak.
Links: TravisCI continues to be a security nightmare. Implementing IAM Permission Boundaries with AWS SSO using Terraform A user reported a vulnerability to a company through BugCrowd. The writeup is really worth reviewing. The RSA conference was apparently a super spreader event. Because nobody beats the Wiz, they've got a post up on the secret agents installed by cloud service providers. Partitioning and Isolating Multi-Tenant SaaS Data with Amazon S3 Service Notice – Upcoming changes required for AWS Config | AWS Cloud Operations & Migrations Blog Here's a list of best practices for writing Docker images that don't make you regret running them in production environments.
On today's episode we're unveiling 1Password's exciting new developer tools with our VP of Product Management, Tony Myers. Settle in for This Week at 1Password to learn more about the new SSH capability, CLI 2.0, our developer docs portal, and the frictionless workflow developers can expect.We also grimace our way through the security news in Watchtower Weekly (much like our reaction to rising gas prices) – you might want to think twice about checking prices using privacy-guzzling GasBuddy. ⛽️
Sandy Ritter, Staff Software Engineer in Mobile Development at P&G and co-director of the Cincinnati Chapter of Women Who Code, interviews Hannah Mace, Software Engineer at Bugcrowd. They discuss Hannah's path to tech, her boot camp experiences, the importance of mentorship, and ways to maintain the right professional mindset.
On this week's Cyber Work Podcast, BugCrowd and disclose.io! founder Casey Ellis discusses how to think like a cybercriminal, the crucial need for transparent vulnerability disclosure, the origins of BugCrowd and why mentorship is a gift that goes in both directions.– Join the monthly challenge: https://www.infosecinstitute.com/challenge – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Intro 3:15 - Getting into cybersecurity4:30 - Criminal mindset in cybersecurity5:49 - Ellis's career to date 9:10 - Healthcare cybersecurity11:47 - Mentoring others 13:52 - Mentorship as a two-way street16:12 - Bugcrowd and bug bounty19:18 - Vulnerability disclosure project21:30 - Bug bounty popularity 24:52 - U.S. sanctions on hacking groups26:52 - Hiring hackers 31:52 - Pursue specialization 33:51 - Cyber threats flying under the radar39:17 - Working from home safely40:48 - How to get into bug bounties42:18 - How to report vulnerabilities44:04 - Advice to begin ethical hacking 45:23 - Learn more about Ellis 45:56 - OutroAbout InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It's our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.