Podcast appearances and mentions of Casey Ellis

  • 47 podcasts
  • 90 episodes
  • 56m average duration
  • 1 new episode monthly
  • Latest: Jun 1, 2025

Latest podcast episodes about Casey Ellis

Risky Business News
Sponsored: HD Moore on why vuln scanners are awful and broken

Jun 1, 2025 (15:21)


In this sponsored interview, Risky Business Media's brand new interviewer Casey Ellis chats with runZero founder and CEO HD Moore about why vuln scanning tech is awful and broken. He also talks about how they're trying to do something better by glueing their own discovery product to the nuclei open source vulnerability scanner.

Bare Knuckles and Brass Tacks
From Hacker to Founder, and Cybersecurity's Future

Apr 21, 2025 (45:15)


“When you look at cybersecurity…we've got to be constantly thinking about how we disrupt ourselves in order to actually solve the problem.”

Casey Ellis is a hacker, a founder, and an advisor and investor. Occupying a lot of different vantage points in cyber has given him a very unique perspective on the industry.

George K and George A talk to Casey about:

  • How Casey went from hacker to solution architect to entrepreneur, creating a marketplace that connects ethical hackers with companies who need them
  • Why security startups focused solely on acquisition are hurting the industry (and why defenders deserve better)
  • The reality check on AI in security - separating hype from actual value
  • Why human creativity will always be necessary in security (automation is great, but humans build systems and humans break them)

It's real and it's raw. As always.

Running with Maverick and Wolfman
#90 First Marathon in 2:26: Casey "Diamonds" Ellis

Mar 25, 2025 (47:59)


This man is Fast! He ran his first Marathon in 2:26. His accomplishments don't stop there. Casey Ellis was an extremely successful collegiate runner who has since won the Run for the Diamonds (an over 100 year old race in Berwick, Pennsylvania) along with his most recent accomplishment of breaking a 44 year old course record. Casey has run a 1:05 1/2 Marathon and now has set a goal to run the Marathon in the US Olympic Trials.

"The first 19 miles went great and then I didn't fuel enough and it went down hill real quick!" - Casey Ellis

Great job Casey! Thanks for being on the show and keep up the great Running!

Thanks for Listening and Supporting the show (click the support the show link). Enjoy the Run!

Thanks for listening to Running with Maverick and Wolfman. If you are enjoying the podcast please like and share on facebook, X, follow on instagram and support the show. Thank you to those who have supported already. If you have questions please e-mail or submit them on facebook or instagram. Thanks!

This podcast is for informational purposes only and should not be considered professional healthcare advice. We are not responsible for any losses, damages, or liabilities that may arise from the use of this podcast. This podcast is not intended to replace medical advice. The views expressed in this podcast may not be those of the hosts or the management. THIS PODCAST IS NOT AFFILIATED IN ANY WAY WITH THE TOP GUN MOTION PICTURES OR PARAMOUNT PICTURES INC.

Running with Maverick and Wolfman
#89 "IRISH I was training!"

Mar 18, 2025 (15:12)


Maverick and Wolfman are discussing the ups and downs of training (We've all been there). Advice for motivation is a definite in this episode. Tangents will find their way in as always (Laugh and Enjoy). Also, a big shout out congrats to Casey Ellis for breaking a 44 year old record ("He sure is Fast!").

If you are enjoying the show please like, share, subscribe and support (link below). Thanks for Listening. Enjoy the Run!

The Cybersecurity Defenders Podcast
#184 - Hacker Holidays: The Colonial Pipeline

Jan 1, 2025 (21:51)


In this episode of The Cybersecurity Defenders Podcast, we recount some hacker history, and with the help of Casey Ellis, Founder and CSO at Bugcrowd, tell the story of the largest critical infrastructure ransomware attacks in history: The Colonial Pipeline.

On May 7, 2021, Colonial Pipeline, an American oil pipeline system that originates in Houston, Texas, and carries gasoline and jet fuel mainly to the Southeastern United States, suffered a ransomware cyberattack that impacted computerized equipment managing the pipeline. The Colonial Pipeline Company halted all pipeline operations to contain the attack. Overseen by the FBI, the company paid the amount that was asked by the hacker group (75 bitcoin or $4.4 million USD) within several hours; upon receipt of the ransom, an IT tool was provided to the Colonial Pipeline Company by DarkSide to restore the system. However, the tool required a very long processing time to restore the system to a working state.

This episode was written by the talented Nathaniel Nelson.

Casey Ellis can be found on LinkedIn here.

Cyber Security Weekly Podcast
Episode 408 - Series Insight 2 of 4 - Hack the Hacker Series introduction with Bugcrowd's CSO & TISO

Aug 12, 2024


Unlock the secrets of effective threat management with cybersecurity experts plus representatives from the Hacker community. This series will dive into the realm of cybersecurity and cybercrime analytics as our line-up of hackers and technologists debate the crucial role ethical hacking plays in fortifying digital defences. This includes exploring the 'living off the land' strategies, offensive best practices, and insights on harnessing the ethical hacker's prowess to stay one step ahead in the ever-evolving threat landscape. Don't miss this illuminating series on proactive cybersecurity measures that can redefine the way organizations safeguard their digital assets. Casey Ellis, Chief Strategy Officer with Bugcrowd was originally a hacker before becoming an entrepreneur, pioneering crowdsourced cybersecurity. He has advised the US Department of Defence, Australian and UK intelligence communities, plus US House and Senate legislative initiatives including pre-emptive protection of cyberspace ahead of the 2020 presidential elections. Saj Lohani, is a celebrated Whitehat hacker and in the Hacker Hall of Fame for Amazon, Yahoo, Github, AT&T, US Defense and others. At Bugcrowd his role is Global TISO & Snr Director, Cybersecurity. To join the series visit https://mysecuritymarketplace.com/bugcrowd-register-to-access/ #bugcrowd #mysecuritytv

Cyber Security Weekly Podcast
Episode 407 - Series Insight 1 of 4 - Bugcrowd's future plans for growth and expansion throughout the Asia Pacific

Aug 11, 2024


Hot on the heels of Bugcrowd recently achieving Unicorn status, following their recent USD $102 million fund raise, Bugcrowd's CEO Dave Gerry and founder and Chief Strategy Officer, Casey Ellis outline Bugcrowd's vision for the future and plans for growth and expansion throughout the Asia Pacific region in 2024/5 and beyond.

Dave Gerry has been in the AppSec market for nearly a decade and has held key leadership positions within several cybersecurity companies such as WhiteHat Security, Veracode, Sumo Logic, and The Herjavec Group. Dave is passionate about building programs that are repeatable, scalable, and predictable, helping to drive customer business outcomes and technical value.

Casey Ellis was originally a hacker before becoming an entrepreneur, pioneering crowdsourced cybersecurity. He has advised the US Department of Defence, Australian and UK intelligence communities, plus US House and Senate legislative initiatives including pre-emptive protection of cyberspace ahead of the 2020 presidential elections.

To join the series visit https://mysecuritymarketplace.com/bugcrowd-register-to-access/ #bugcrowd #mysecuritytv

Decipher Security Podcast
Deciphering Heat

Jun 17, 2024 (62:28)


Michael Mann's 1995 thriller Heat is considered by many people to be the best crime movie ever made. And hidden inside the intricate plot is a story of a lone hacker with a background at DARPA who uses his skills to set up scores for the crews in LA's underworld. Meg Gardiner, the co-author of Heat 2, and Casey Ellis, cofounder of Bugcrowd, join Dennis Fisher to dig into the technological and psychological details of this modern masterpiece. This is Deciphering Heat.

Check out Meg's newest thriller, Shadowheart.

Decipher Security Podcast
Memory Safe: Casey Ellis

Jan 17, 2024 (49:23)


In the latest Decipher Memory Safe episode, Casey Ellis, founder and CTO of Bugcrowd, talks about everything from imposter syndrome to the security concept of “building it like it's broken.”

CyberPsych
Episode 8: The Bounty Mindset: Understanding the Psychology of Bug Bounty Hunters with Casey Ellis, Founder and Chief Strategy Officer of Bugcrowd

Jan 16, 2024 (40:59)


In this episode, Dr. Stacy Thayer talks with Casey Ellis about the motivations behind bug bounties, what makes a good bug bounty hunter, and why someone would choose to participate in a bug bounty program.

Hunters and Unicorns
Hunters + Unicorns Special Edition | Casey Ellis and Dave Gerry - Founder vs CEO, is 2 a crowd?

Jan 12, 2024 (61:37)


In this Special Edition episode from Hunters and Unicorns, we're treated to an engaging chat with Casey Ellis (Founder) and Dave Gerry (CEO) from the innovative cybersecurity company Bugcrowd. Casey, the pioneering brain behind Bugcrowd, takes us from his days of cracking codes to building a platform that empowers the good-guy hackers. Dave brings his rich tapestry of cybersecurity experiences to the table, painting a picture of how his past roles carved the path to his CEO position. The duo dive into the story of how Bugcrowd transitioned from its founder-focused roots to a broader leadership horizon, unpacking the wins and hurdles of growing a company. Their camaraderie is a testament to how trust, respect, and diverse strengths can forge a strong leadership bond. They also peel back the curtain on the art of cybersecurity sales, shedding light on the intricate dance of pitching to top security chiefs and the journey from the sales floor to the corner office. Both Casey and Dave are champions for cultivating a team spirit and a culture where everyone pulls together. Looking ahead, Bugcrowd's blueprint is all about upscaling the business, pushing the growth pedal to the metal, and branching out into untapped territories—all while honing their message to showcase their full suite of cyber-defenses beyond just bug bounties. It's clear that for Bugcrowd, the future's not just bright; it's groundbreaking.

Paul's Security Weekly
Hacker Heroes - Casey Ellis - PSW Vault

Jan 3, 2024 (75:40)


Unleashing the Power of Crowdsourced Cybersecurity: A Conversation with Casey Ellis, Founder of Bugcrowd

Meet Casey Ellis, the visionary entrepreneur who has redefined the landscape of cybersecurity through the groundbreaking platform he built – Bugcrowd. As the Founder and Chief Technology Officer of Bugcrowd, Casey Ellis has not only revolutionized the way organizations approach cybersecurity but has also championed the concept of crowdsourced security testing. With an innate passion for hacking and a deep understanding of the evolving threat landscape, Casey embarked on a mission to democratize cybersecurity. In our upcoming podcast interview, delve into the dynamic journey of a self-proclaimed hacker turned cybersecurity pioneer. Casey's brainchild, Bugcrowd, serves as a global community of ethical hackers and security professionals who collaborate to uncover and address vulnerabilities in digital systems. Learn how this innovative approach has empowered organizations across industries to proactively secure their digital assets, embracing the power of the collective in the fight against cyber threats. A trailblazer in the cybersecurity space, Casey Ellis brings a unique perspective to the podcast as he shares insights on the challenges and triumphs of building Bugcrowd from the ground up. Explore the intersections of technology, security, and community-driven solutions with a leader who has not only disrupted the status quo but has also fostered a culture of continuous improvement and collaboration. Join us for a riveting conversation as we uncover the secrets behind Bugcrowd's success, the evolving role of ethical hacking in today's digital landscape, and Casey's vision for a more secure and interconnected future. Whether you're a cybersecurity enthusiast, a tech aficionado, or simply curious about the forces shaping our digital world, this podcast episode with Casey Ellis is a must-listen.

Visit https://www.securityweekly.com/psw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/vault-psw-7

Paul's Security Weekly TV
Hacker Heroes - Casey Ellis - PSW Vault

Jan 3, 2024 (75:40)



Paul's Security Weekly (Podcast-Only)
Hacker Heroes - Casey Ellis - PSW Vault

Jan 3, 2024 (75:40)



Paul's Security Weekly (Video-Only)
Hacker Heroes - Casey Ellis - PSW Vault

Jan 3, 2024 (75:40)



The Cybersecurity Defenders Podcast
#87 - Hacker History: The Colonial Pipeline

Dec 28, 2023 (21:51)



The Data Exchange with Ben Lorica
The Future of Cybersecurity: Generative AI and its Implications

Sep 14, 2023 (49:07)


Casey Ellis is Founder/Chair/CTO of Bugcrowd, a Crowdsourced Cybersecurity Platform. Bugcrowd recently released “Inside the Mind of a Hacker 2023”, an interesting report that provides insights into the motivations, challenges, and specializations of hackers, as well as security implications of AI.

Subscribe to the Gradient Flow Newsletter: https://gradientflow.substack.com/

Detailed show notes can be found on The Data Exchange web site.

The RSnake Show
S06E06 - Bug Bounties Unleashed: A Deep Dive into Infosec with Casey Ellis, Founder of BugCrowd

Aug 24, 2023 (117:03)


Today's episode takes us to Las Vegas, Nevada, where I had the pleasure of meeting up with Casey Ellis during the Blackhat security conference. A pioneer in information security, Casey opens up about how he ventured into the realm of bug bounties and went on to create BugCrowd, the first crowdsourced vulnerability assessment company. From detailing the inception of BugCrowd to explaining how it altered the economics of finding bugs, Casey provides an insightful look into the ever-evolving landscape of information security. Our conversation goes beyond just bug bounties. We delve into the nitty-gritty of the industry's reaction to BugCrowd, explore the changing market dynamics in Infosec, and discuss the role of AI and its fragility in security. Casey also shares his personal experiences with entrepreneurship, mentoring, and his perspective on vulnerability in both the digital and physical world. Join us for this enlightening conversation with Casey Ellis, where tech meets entrepreneurship in a world brimming with secrets and discoveries.

Sales and Marketing Built Freedom
Why Cybersecurity is a Human Problem and Talking Open Source AI with Casey Ellis of Bugcrowd

May 14, 2023 (41:39)


Casey Ellis is the CEO of Bugcrowd, a platform that connects users with digital locksmiths/hackers to help solve their problems; they also offer task service management and security consulting. Casey has 18 years of experience in the security space and has supported every type of client from small start-ups to large national corporations. Casey and Ryan have an in-depth conversation around AI and Security and Casey also talks about Bugcrowd's interesting combination business model, talks about marketing virality and reveals why his company were a chosen partner by open AI to try and penetrate AI as an open-source programme.

KEY TAKEAWAYS

  • Bugcrowd uses a traditional SaaS business model alongside operating a marketplace too.
  • Bugcrowd uses a combination of direct sales and channel marketing for its go-to-market strategy.
  • The ethos behind Bugcrowd is that cybersecurity is a human problem and they focus on human creativity to solve it and then utilise technology to accelerate the solution.
  • Having the ability to develop innovative tech as well as recognising and empathising with the human component uniquely placed Casey to build a solution like Bugcrowd.
  • If you are looking at putting all of your eggs in one basket with one platform, make sure you have a great relationship with them.
  • Viral marketing starts by creating value, initial value is what will engage people and want them to share.
  • Being in the cybersecurity space for a considerable amount of time and building up a good reputation for doing what they do well, means Bugcrowd and its team often get approached for testing new tech.
  • Casey believes having the goal and conviction around what you are looking to achieve in business is a better motivator than money.

BEST MOMENTS

  • “Cybersecurity is a human problem technology just makes it go faster”
  • “Don't be valuable create value”
  • “When new stuff comes out, we get a phonecall”
  • “There's a trust in us as an organisation”
  • “I wanna see the production of wealth actually being the product of something I've set out to solve”

EPISODE RESOURCES

https://www.linkedin.com/in/caseyjohnellis/

Decipher Security Podcast

Casey Ellis, founder and CTO of Bugcrowd, joins Dennis Fisher to discuss the newly formed Hacking Policy Council, the challenges of influencing security research policy and legislation, and what the council hopes to achieve.

To The Point - Cybersecurity
Human vs. Super Suit: Exploring the AI-Human Relationship with Casey John Ellis

Feb 7, 2023 (31:49)


For this week's episode, Casey Ellis, founder and CTO of Bugcrowd and co-founder of the http://disclose.io project, joins us to explore the risks and rewards of AI technology, including concerns around the notorious Chat GPT chatbot. As the global race to AI supremacy intensifies, Casey shares his thoughts on AI in the workplace, as a cyber defense, and the future of regulation and the ethics around determining AI liability.

Casey is the Chairman, Founder, and Chief Technology Officer of Bugcrowd, as well as the co-founder of The disclose.io Project. He is a 20-year veteran of information security who spent his childhood inventing things and generally getting technology to do things it isn't supposed to do. Casey pioneered the Crowdsourced Security as-a-Service model, launching the first bug bounty programs on the Bugcrowd platform in 2012, and co-founded the disclose.io vulnerability disclosure standardization project in 2014. Since then, he has personally advised the US Department of Defense and Department of Homeland Security/CISA, the Australian and UK intelligence communities, and various US House and Senate legislative cybersecurity initiatives, including preemptive cyberspace protection ahead of the 2020 Presidential Elections. Casey, a native of Sydney, Australia, is based in the San Francisco Bay Area with his wife and two children.

For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e219

ITSPmagazine | Technology. Cybersecurity. Society
Analyzing Security Research | A Conversation With Casey Ellis | Tech Done Different Podcast With Ted Harrington

Oct 6, 2022 (23:53)


We are joined by the Founder & Chair of Bugcrowd, Casey Ellis, to discuss where security research is today, where it is going, and many other aspects of how to think about securing systems.

You'll learn:

  • where security research is today, and where it is going
  • why businesses should be incentivized to secure systems (hint: not just because it's the right thing to do)
  • how to think about security of open source systems

Guest: Casey Ellis, Founder, Chairman, and CTO of Bugcrowd [@Bugcrowd]
On Twitter | https://twitter.com/caseyjohnellis
On LinkedIn | https://linkedin.com/in/caseyjohnellis

Host: Ted Harrington
On ITSPmagazine

Tech Done Different
Analyzing Security Research | A Conversation With Casey Ellis | Tech Done Different Podcast With Ted Harrington

Oct 6, 2022 (23:53)



Paul's Security Weekly
PSW #757 - Ev Kontsevoy, Casey Ellis

Sep 30, 2022 (195:27)


Hackers rarely break through crypto or exploit fancy zero days. Most of the time they simply login using stolen credentials. Managing passwords, keys and other forms of secrets does not work at scale. In this segment we'll look into a more radical approach to infrastructure security: getting rid of secrets entirely and moving to access control based on physical properties of humans and machines. This segment is sponsored by Teleport. Visit https://securityweekly.com/teleport to learn more about them!

This week, we're joined by Casey Ellis to discuss a Telco breach from a land down under, UK government sits out bug bounty boom but welcomes vulnerability disclosure, Karakurt Data Extortion Group, Microsoft Releases Workaround for ‘One-Click' 0Day Under Active Attack, being caught with your pants down, & more!

Visit https://www.securityweekly.com/psw for all the latest episodes!
Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly

Show Notes: https://securityweekly.com/psw757

Paul's Security Weekly (Podcast-Only)
PSW #757 - Ev Kontsevoy, Casey Ellis

Paul's Security Weekly (Podcast-Only)

Play Episode Listen Later Sep 30, 2022 195:27


Hackers rarely break through crypto or exploit fancy zero days. Most of the time they simply log in using stolen credentials. Managing passwords, keys and other forms of secrets does not work at scale. In this segment we'll look into a more radical approach to infrastructure security: getting rid of secrets entirely and moving to access control based on physical properties of humans and machines. This segment is sponsored by Teleport. Visit https://securityweekly.com/teleport to learn more about them!

This week, we're joined by Casey Ellis to discuss a Telco breach from a land down under, UK government sits out bug bounty boom but welcomes vulnerability disclosure, Karakurt Data Extortion Group, Microsoft Releases Workaround for 'One-Click' 0Day Under Active Attack, being caught with your pants down, & more!

Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Show Notes: https://securityweekly.com/psw757

Paul's Security Weekly TV
Voltron, Karakurt Extortion, 1 Click Workaround, Snowden Citizenship, & Casey Ellis - PSW #757

Paul's Security Weekly TV

Play Episode Listen Later Sep 29, 2022 133:19


This week, we're joined by Casey Ellis to discuss a Telco breach from a land down under, UK government sits out bug bounty boom but welcomes vulnerability disclosure, Karakurt Data Extortion Group, Microsoft Releases Workaround for ‘One-Click' 0Day Under Active Attack, being caught with your pants down, & more!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw757

Paul's Security Weekly (Video-Only)
Voltron, Karakurt Extortion, 1 Click Workaround, Snowden Citizenship, & Casey Ellis - PSW #757

Paul's Security Weekly (Video-Only)

Play Episode Listen Later Sep 29, 2022 133:19


This week, we're joined by Casey Ellis to discuss a Telco breach from a land down under, UK government sits out bug bounty boom but welcomes vulnerability disclosure, Karakurt Data Extortion Group, Microsoft Releases Workaround for ‘One-Click' 0Day Under Active Attack, being caught with your pants down, & more!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw757

The Cybrary Podcast
Responsible Vulnerability Disclosure with Casey Ellis | The Cybrary Podcast Ep. 93

The Cybrary Podcast

Play Episode Listen Later Sep 14, 2022 20:22 Transcription Available


When it comes to vulnerability disclosure, there can be a lot of unknowns. What is the first step in safely reporting? How can global bug bounty hunters better understand the specialized legalese in disclosure policies? Casey Ellis, Founder and CTO of Bugcrowd, addresses the importance of standardizing vulnerability disclosure policy language. Join in the de-villainization of ethical hackers and bug bounty hunters with Casey and the Cybrary team at Black Hat!

Decipher Security Podcast
Sneakers at 30

Decipher Security Podcast

Play Episode Listen Later Sep 11, 2022 51:28


Dennis Fisher, Zoe Lindsey, Pete Baker, and Casey Ellis convene to honor the 30th anniversary of the release of Sneakers, the greatest hacker movie ever made, and discuss its legacy, popularity in the hacker community, and why it still holds up today. 

Hacker History Podcast
The history of Casey Ellis

Hacker History Podcast

Play Episode Listen Later Mar 22, 2022 31:50


Hacker History sits down with Casey Ellis, the founder and chairman of Bugcrowd and co-founder of the disclose.io project. Casey talks about his history with technology, how he hosted a TV show at one point, and how his career got started. There are some incredible lessons for us around starting a company and working in […]

Kingdom Talk Broadcast Radio with Dr. Nicckay Natson
Interview with Speech Pathologist Casey Ellis

Kingdom Talk Broadcast Radio with Dr. Nicckay Natson

Play Episode Listen Later Mar 20, 2022 38:22


Dr. Nicckay interviews Speech Pathologist Mrs. Casey Ellis. Mrs. Casey will fill us in on her journey to becoming a speech pathologist, discuss her services and how she balances life, work and family. Mrs. Casey is a beautiful awesome person whom we love dearly. She is very special to our family.

Bugcrowd Chats
The Rise Of Crowdsourced Security

Bugcrowd Chats

Play Episode Listen Later Mar 15, 2022 23:21


In this EM360 podcast hosted by IT-Harvest Chief Research Analyst Richard Stiennon, hear Bugcrowd Founder, Chairman, and CTO Casey Ellis talk about the growing need and use cases for crowdsourced cybersecurity, and the critical, positive role of ethical hackers in the cybersecurity ecosystem.

Lancaster Connects
A Renewed Focus on Northern Lancaster County With Casey Ellis: Episode 37

Lancaster Connects

Play Episode Listen Later Feb 15, 2022 48:52


Casey Ellis recently joined Ephrata Area Social Services as the new Executive Director. Even though she is fresh in her position, she is excited to share the mission of EASS with the community. She has been overwhelmed and humbled by the staff, volunteers, and community that rallies around EASS and the clients served. She has learned quickly it really is about neighbors helping neighbors.

Cyber Work
How to get started with bug bounties and finding vulnerabilities | Cyber Work Podcast

Cyber Work

Play Episode Listen Later Dec 6, 2021 45:49


On this week's Cyber Work Podcast, BugCrowd and disclose.io! founder Casey Ellis discusses how to think like a cybercriminal, the crucial need for transparent vulnerability disclosure, the origins of BugCrowd and why mentorship is a gift that goes in both directions.

– Join the monthly challenge: https://www.infosecinstitute.com/challenge
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

0:00 - Intro
3:15 - Getting into cybersecurity
4:30 - Criminal mindset in cybersecurity
5:49 - Ellis's career to date
9:10 - Healthcare cybersecurity
11:47 - Mentoring others
13:52 - Mentorship as a two-way street
16:12 - Bugcrowd and bug bounty
19:18 - Vulnerability disclosure project
21:30 - Bug bounty popularity
24:52 - U.S. sanctions on hacking groups
26:52 - Hiring hackers
31:52 - Pursue specialization
33:51 - Cyber threats flying under the radar
39:17 - Working from home safely
40:48 - How to get into bug bounties
42:18 - How to report vulnerabilities
44:04 - Advice to begin ethical hacking
45:23 - Learn more about Ellis
45:56 - Outro

About Infosec
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It's our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Security Nation
Chris John Riley on Minimum Viable Secure Product (MVSP)

Security Nation

Play Episode Listen Later Nov 24, 2021 48:48


Interview Links
- Listen to Chris's podcast, First Impressions.
- Check out the other, Jane Austen-themed First Impressions podcast.
- Learn more about MVSP at the official site and in this blog post from Google.
- Read up on the ETSI standard Jen mentioned.
- Revisit our previous episode on Disclose.io with Casey Ellis.

Rapid Rundown Links
- Read about the Sky router vulnerability.
- If you just can't wait till January to hear from us again, revisit Season 4.

Decipher Security Podcast

Casey Ellis joins Lindsey O'Donnell-Welch to discuss the evolution, adoption and standardization of vulnerability disclosure programs - both in the U.S. and across the globe.

Paul's Security Weekly TV
Compliance and “The Crowd”, Part 2 - Casey Ellis - SCW #88

Paul's Security Weekly TV

Play Episode Listen Later Sep 30, 2021 49:16


Crowdsourcing and multi-sourcing focus on risk identification and reduction, and they seem to be effective... but my auditor doesn't understand what it is yet - Will it meet the requirements of security compliance standards? Jeff and Casey will dig into the hits and misses of plugging novel assurance approaches into established markets.   Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw88

Paul's Security Weekly
Little Bugs - SCW #88

Paul's Security Weekly

Play Episode Listen Later Sep 30, 2021 85:27


This week, we welcome Casey Ellis, Founder/Chair/CTO at Bugcrowd, to talk about Compliance and “The Crowd”! Crowdsourcing and multi-sourcing focus on risk identification and reduction, and they seem to be effective... but my auditor doesn't understand what it is yet - Will it meet the requirements of security compliance standards? Jeff and Casey will dig into the hits and misses of plugging novel assurance approaches into established markets.   Show Notes: https://securityweekly.com/scw88 Visit https://www.securityweekly.com/scw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Security and Compliance Weekly (audio)
Little Bugs - SCW #88

Security and Compliance Weekly (audio)

Play Episode Listen Later Sep 30, 2021 85:27


This week, we welcome Casey Ellis, Founder/Chair/CTO at Bugcrowd, to talk about Compliance and “The Crowd”! Crowdsourcing and multi-sourcing focus on risk identification and reduction, and they seem to be effective... but my auditor doesn't understand what it is yet - Will it meet the requirements of security compliance standards? Jeff and Casey will dig into the hits and misses of plugging novel assurance approaches into established markets.   Show Notes: https://securityweekly.com/scw88 Visit https://www.securityweekly.com/scw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly TV
Compliance and “The Crowd”, Part 1 - Casey Ellis - SCW #88

Paul's Security Weekly TV

Play Episode Listen Later Sep 29, 2021 36:18


Crowdsourcing and multi-sourcing focus on risk identification and reduction, and they seem to be effective... but my auditor doesn't understand what it is yet - Will it meet the requirements of security compliance standards? Jeff and Casey will dig into the hits and misses of plugging novel assurance approaches into established markets.   Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw88

For Leaders
Casey Ellis on knowing when to step back from management in order to move forward in leadership

For Leaders

Play Episode Listen Later Jul 20, 2021 60:58


FLG_S2_E6 www.forleadersglobal.com

In 2011, a cyber security startup called "Bugcrowd" was founded by Casey Ellis. From a classic "write on a napkin" type of idea, registering a business name the same night, and swiftly moving overseas to start the business, Bugcrowd quickly became one of the most innovative companies in the cyber security field. Casey Ellis has a passion for hackers, but hackers who do good. Casey was ahead of the game in establishing the company, and in doing so addressed the real threat of companies' personal and professional information being breached. The focus for Casey was to be able to make the internet safer by finding problems and weaknesses before they arise. To do this, Casey built a world-class network of hackers who have both the skill and the character to do the job well.

On this episode, you'll hear Casey's story of how he made some really tough decisions to be able to prioritise the things that matter: to build a strong business while also keeping strong family values and work/life balance. He makes it sound easy, but it would have taken so much humility and courage to do so. This show is for the leader wanting to be challenged to grow in both technical expertise and people leadership. In turn, you'll be encouraged to build a legacy in your business and make the world a better place without compromising on future goals.

ABOUT CASEY ELLIS: https://www.bugcrowd.com/
Casey is the Founder, Chairman, and CTO of Bugcrowd. He is a 20 year veteran of information security, servicing clients ranging from startups to multinational corporations as a pentester, security and risk consultant and solutions architect, then most recently as a career entrepreneur. Casey pioneered the Crowdsourced Security as a Service model launching the first bug bounty programs on the Bugcrowd platform in 2012, and co-founded the https://disclose.io vulnerability disclosure standardization project in 2016. A proud ex-pat of Sydney Australia, Casey lives with his wife and two kids in the San Francisco Bay Area. He is happy as long as he's passionately pursuing potential.

For Leaders Global Resources: www.forleadersglobal.com
Helping Organisations Build Leaders Worth Following & Culture Worth Reproducing

To get in contact with us and talk about how we can help you build leaders worth following, dynamic teams and culture worth reproducing, email us here: hello@forleadersglobal.com

IT Visionaries
Analyzing the Impact of A.I. and Technology on Society and Cybersecurity

IT Visionaries

Play Episode Listen Later Jul 6, 2021 49:59


Technology is advancing at a pace never seen before, and the newest tech, applications and widgets are being widely adopted at an even quicker rate. Just look at A.I. and machine learning tools, which are now used to identify things once thought unimaginable — whether it's to figure out simple things such as what clothes best suit consumers or completing everyday work tasks, the end state for these technologies appears endless... But as technology grows more sophisticated, why is the software that operates it not being secured?

"The human without the suit is weak and the suit without the human is dumb. A.I. and machine learning, these different computer learnings we've got to work with now in cybersecurity and across the board, they're levers. They're not a replacement in my mind for human intelligence. When that happens, we're going to be worried about Skynet, not these conversations. And I'm going to be thinking about how to hack that stuff, to make sure that humans stay safe."

The future of A.I. and machine learning is mostly rooted in Hollywood sci-fi; Tony Stark's Jarvis or Skynet represent the full advancement of our imaginations of these technologies so far. The reality of these tools isn't there, but the power is. So why are we not protecting ourselves from it? On this roundtable episode of IT Visionaries, we explore the impact A.I. and technology are having on society and cybersecurity with Casey Ellis, the founder and CTO of BugCrowd, and Malcolm Harkins, a cybersecurity advisor, coach and board member. The two discuss why you'll never be able to eliminate risk and why the lack of financial incentives is leaving most companies vulnerable to nefarious attacks. Enjoy this episode!

Main Takeaways
- Just Throw Money at the Problem: One of the leading issues right now when it comes to cybersecurity is that app developers are not incentivized to protect products during the development lifecycle. When there is no monetary incentive for developers to protect their software, the needed layers of security are not built in. This leads to security teams doing patch work on problems that could have been architected out during the development process.
- Two Repelling Magnets: Security and privacy are consistently bound together, but the reality is that good security can encroach on a user's privacy. When designing products, developers must be thinking first about the layer of security they are placing within the code, but also how those security measures will infringe on the user's rights.
- Working Hand-in-Hand: Your cybersecurity strategy should be a mix of technology and human creativity. While A.I. and machine learning algorithms can help detect irregularities within a platform, most of those algorithms are not trained to learn from mistakes, leaving them open to vulnerabilities. Instead of relying just on technology, deploy a hybrid model using crowdsourced protection, which allows for highly-trained and skilled hackers to test the vulnerabilities within a system that can then be fixed immediately.

IT Visionaries is brought to you by the Salesforce Platform - the #1 cloud platform for digital transformation of every experience. Build connected experiences, empower every employee, and deliver continuous innovation - with the customer at the center of everything you do. Learn more at salesforce.com/platform

Plaintext Podcast by Duo Security
E5: Dave Talks to Bugcrowd Founder Casey Ellis

Plaintext Podcast by Duo Security

Play Episode Listen Later Mar 17, 2021 31:35


Welcome back to the Plaintext Podcast with your host Dave Lewis, Global Advisory CISO for Duo Security, now part of Cisco.

In this first episode of 2021, Dave chats with Casey Ellis, founder of Bugcrowd.

The pair discusses how Casey got started in security, how the security market is changing and the pandemic-driven boom in remote work. They also chat about their shared love of music (and playing in bands) and how playing in a band shares similarities with a career in infosec.

If you have suggestions as to who you'd like to see join me on the show, send me an email at hacker @ duo dot com.

Like what you hear? Be sure to check out previous episodes of Plaintext Podcast.

ITSPmagazine | Technology. Cybersecurity. Society
2020 Inside The Mind Of A Hacker Report | What Does "Mindset Of A Hacker" Even Mean? | A Bugcrowd Story — Part 4 of 4 | With Katie Paxton-Fear And Casey Ellis

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Mar 8, 2021 49:10


Humans are life-long learners — well, most of them anyway. Hackers are certainly the curious and "challenge accepted!" kind. In fact, learning as they go may even be considered a lifestyle. Instead of taking an exam at a university, they dive into a problem to solve, breaking things apart to see how they work and see how they can make them work better than they were originally designed/intended. Eventually, their exam papers become a bug submission via responsible disclosure. The reward? Not a degree, but a bounty. How cool is that?

But what is in a hacker's mind? Who wouldn't want to know?

In this final episode in the four-pack of conversations looking inside the mind of a hacker, we are joined by Katie Paxton-Fear, Lecturer in Cyber Security, The Manchester Metropolitan University, and Casey Ellis, Founder, Chairman, and CTO for Bugcrowd. Together we bring everything full circle to get the 360-view of what a hacker mindset really is; what does that even mean?

To really get the full picture, however, you must listen to the other three episodes:

EPISODE 1: With Joan Pepin, then-Chief Security Officer at Auth0, and Ashish Gupta, CEO and President at Bugcrowd | We talk about the business of crowdsourced security (You Can Build Out A Team But It Is Way Better To Turn To The Crowd)

EPISODE 2: With Jasmin Landry, Sr. Application Security Advisor at Videotron, and Grant McCracken, Senior Director, Program and Security Operations at Bugcrowd | We explore the geographics of hacking: what the researchers target and where they hack from (An International Hacker Community Comes Together To Root Out Technology Weaknesses)

EPISODE 3: With Robin Marte, Ethical Hacker/Security Researcher at Bugcrowd, and Michael Skelton, Global Head of Security Operations and Researcher Enablement at Bugcrowd | We explore the demographics of hacking: what methods, experience, and collaboration mechanisms matter to the hacker community (There Will Always Be Hackers — We Just Need More)

And, finally, in this grand finale EPISODE 4, we discover how hackers learn, some of the skills and traits they are born with and later acquire, the value of diverse thinking from diverse backgrounds and experiences, and what being part of the hacker tribe means to the hackers (and to society).

What was once an elusive badge to gain — an exclusive tribe to be part of — has become both a world that welcomes new talent and a critical component of raising the security posture for so many organizations worldwide. The relationship between the hacker community continues to flourish. Through platforms like Bugcrowd and programs like disclose.io, the hacker community finds a safe and meaningful way to contribute to today's security and tomorrow's safety in an increasingly-digital world.

But enough talking about it, let's get inside the mind of a hacker.

(This contains promotional content: learn more)

Guests
- Katie Paxton-Fear, Lecturer in Cyber Security, The Manchester Metropolitan University (@InsiderPhD on Twitter)
- Casey Ellis, Founder/Chairman/CTO, @Bugcrowd (@caseyjohnellis on Twitter)

Resources
- Learn more about Bugcrowd and their offering: https://itspm.ag/itspbgcweb
- Download and read the complete 2020 edition of the Inside the Mind of a Hacker report by visiting https://itspm.ag/2BeLHUZ
- Catch the full 4-part video/podcast series by visiting https://www.itspmagazine.com/their-stories/2020-inside-the-mind-of-a-hacker-report-unique-histories-shared-destiny-a-bugcrowd-story
- Learn more about disclose.io

Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story

ITSPmagazine | Technology. Cybersecurity. Society
2020 Inside The Mind Of A Hacker Report | There Will Always Be Hackers — We Just Need More | A Bugcrowd Story — Part 3 of 4 | With Robin Marte (@masonhck357) And Michael Skelton (@codingo)

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Mar 2, 2021 50:58


Forget about stereotypes of hackers being nefarious masterminds. Hackers are dynamic, young individuals who come from all walks of life — diversity is a big plus for this community — and so it is for the cybercriminals, but they actually are nefarious masterminds.

Countless people are building the applications and systems we use at work and at home. It's a safe assumption they are smart people. Do hackers need to be as smart or smarter than them?

We are glad you're back for another episode as we continue to unveil and explore what is inside the mind of a hacker.

Today we chat with Robin Marte, Ethical Hacker/Security Researcher at Bugcrowd, and Michael Skelton, Global Head of Security Operations and Researcher Enablement at Bugcrowd, as they share their background, experiences, and thoughts about the global hacker community.

Our guests go beyond their profiles in the ITMOAH report to tell us what they hack on, the tools they use, how they manage ongoing training, mentorship, and collaboration with the community, and so much more.

Security researchers come from all walks of life and live in countries spanning six of the world's seven continents. We're even starting to see researchers join together in teams — mini "hacker companies," if you will — securing physical office space and sitting side-by-side to take on bug bounty programs that would be more challenging to tackle on their own. This group model gives them a massive benefit over solo hackers — and the organizations running the bug bounty programs presumably benefit as well as they experience faster, better, and perhaps even more in-depth results.

It's not all fun and games, however. Given the laws in the United States and around the world, hacking can be a dangerous profession. Given the current state of affairs, hackers must have a clear view of the bug bounty landscape they are traversing — which targets are safe, what are the boundaries, are the rules clearly defined? Can a formal bug bounty program coupled with a formal vulnerability disclosure program (VDP) — as can be seen listed on disclose.io — provide the necessary assurances to make it safe(r) for these researchers to do their good deeds? We hope it does, as there is plenty of scope for the researchers to explore. And, there aren't enough of them.

We hope you enjoy this new chapter and what you learn from it.

Have a listen... and get ready for the final episode with Katie Paxton-Fear and Casey Ellis. It's going to be the grand finale whopper you'd expect from this pairing.

(This contains promotional content: learn more)

Guests
- Robin Marte, Ethical Hacker/Security Researcher at Bugcrowd (@masonhck357 on Twitter)
- Michael Skelton, Global Head of Security Operations and Researcher Enablement at Bugcrowd (@codingo_ on Twitter)

Resources
- Learn more about Bugcrowd and their offering: https://itspm.ag/itspbgcweb
- Download and read the complete 2020 edition of the Inside the Mind of a Hacker report by visiting https://itspm.ag/2BeLHUZ
- Catch the full 4-part video/podcast series by visiting https://www.itspmagazine.com/their-stories/2020-inside-the-mind-of-a-hacker-report-unique-histories-shared-destiny-a-bugcrowd-story
- Learn more about disclose.io

Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story

The Cybrary Podcast
401 Access Denied Ep. 22 | Responsible Disclosure Programs with Katie Moussouris & Casey Ellis

The Cybrary Podcast

Play Episode Listen Later Feb 24, 2021 83:24 Transcription Available


Casey Ellis, Founder & CTO of Bugcrowd and Katie Moussouris, Founder & CEO of Luta Security discuss vulnerability disclosure programs with Mike and Joe today. Developing a disclosure program can be so complex that many organizations don't create one at all. So we asked - what processes should companies put in place to be sure they provide vulnerability information safely and in a usable way? Our guests today share the best practice steps that companies should take to prepare.

Risky Business
Risky Biz Soap Box: Bugcrowd CEO Ashish Gupta

Risky Business

Play Episode Listen Later Nov 19, 2020


This is not an edition of the weekly news show, scroll back one episode in your podcast feed if you're looking for that. This is a wholly sponsored podcast brought to you by Bugcrowd. Bugcrowd's CEO Ashish Gupta joins us in this edition of the Soap Box. He's been the CEO over there for about three years, taking the reins from our friend Casey Ellis who moved into the CTO position. As you're about to hear, the bug bounty companies have moved on from the days when they just provided the simple service of running bug bounty competitions for their clients. What's emerging is a much more nuanced product mix designed to extract as much usefulness as possible out of the testers registered on their platforms.

Cloud Security Podcast
HOW TO START in BUG BOUNTY IN 2020 with Casey Ellis, BugCrowd

Cloud Security Podcast

Play Episode Listen Later Oct 25, 2020 65:55


In this episode of the Virtual Coffee with Ashish edition, we spoke with Casey Ellis.

Host: Ashish Rajan - Twitter @hashishrajan
Guest: Casey Ellis - LinkedIn @caseyjohnellis

In this episode, Casey & Ashish spoke about:
- What was your path into CyberSecurity?
- What does Cloud Security mean for you?
- CrowdSource security as a service model & Bug Bounty, can you tell the audience about this space?
- How do you make people feel comfortable with the concept of crowdsource security?
- Is bug bounty only for big companies?
- How do you make sure you are not painting a big bullseye on your back through crowdsource security?
- Basic things people can start with - security.txt, responsible disclosure?
- How can people get into the Bug Bounty Space? Can anyone get into it?
- How do we fix the ostrich head in the sand mentality of less mature organisations?
- How can we foster a safer environment to talk about Bug Bounty openly?
- When Bug Bounty goes wrong?
- How do economics and game theory play into the crowdsourcing bug bounty scene?
- Do researchers look for other outlets?
- How do companies find the sweet spot of payments?
- Is it better to disclose a bug to a third party or the actual company?

ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv
Twitter - @kaizenteq @hashishrajan
If you want to watch videos of this and previous episodes:
- Twitch Channel: https://lnkd.in/gxhFrqw
- Youtube Channel: https://lnkd.in/gUHqSai

OzCyber Unlocked
Australian Cyber Week 2020 – learn, network, grow

OzCyber Unlocked

Play Episode Listen Later Oct 15, 2020 67:47


Australian Cyber Week 2020 is the fourth annual showcase of Australia's vibrant and dynamic cyber security sector, being held in a virtual format from 26-30 October. Cyber Week provides opportunities for Australian cyber security and related organisations to showcase their capabilities and network with peers, potential investors and customers. It also provides a great way for cyber curious individuals and organisations to better understand what cyber security can do and mean for them. This year, we have 30 online and (COVID-safe) in-person events and activities – spanning the full breadth of the cyber security landscape for those within the sector, but also well beyond.

In episode four of 'OzCyber Unlocked', we speak to a range of guests and partners featured during Australian Cyber Week 2020, including:
- James Turner – Founder of CISO Lens
- Scott Handsaker – CEO of CyRise
- Tamara Baker – Australian Cyber Week 2019 'champion' and a year 10 school student with aspirations for a career in cyber security
- Neil Templeman – Director at Baidam Solutions

We focus specifically on two events – 'Sky's the Limit' and 'Culture shock – barriers to diversity are the barriers to growth' – and discuss:
- The role of private sector in building a secure Australia
- How pitching to corporates is different from pitching to government
- Why it's so hard for Australian companies to get noticed and how companies can 'stand out'
- The barriers to diversity in the Australian cyber security sector
- What can be done now to improve inclusivity in the workforce

This month's 'cyber spotlight' features Casey Ellis from Bugcrowd. Bugcrowd is a crowdsourced security platform. It's one of the first companies to embrace and utilise crowdsourced security and cyber security researchers as linchpins of its business model. Founded in 2011, Bugcrowd has grown into one of the largest bug bounty and vulnerability disclosure companies on the internet.

For more information about the organisations featured, visit:
- CISO Lens: www.cisolens.com
- CyRise: www.cyrise.co
- Baidam Solutions: www.baidam.com.au
- Bugcrowd: www.bugcrowd.com

To register for Australian Cyber Week 2020, visit www.cyberweek2020.austcyber.com.

Risky Business
Risky Business #596 -- DoJ gives Uber breach response one star

Risky Business

Play Episode Listen Later Aug 26, 2020


On this week’s show Patrick and Adam discuss the week’s security news, including:
• Former Uber CSO Joe Sullivan charged with obstruction of justice
• White House to concede WeChat carveouts for US operations in China
• A bunch of news that sounds like it’s from 1997
This week’s sponsor interview is with Bugcrowd’s CTO Casey Ellis. He’s joining us to talk about some US election-related vulnerability disclosure programs that have kicked off in the USA. Voting machine maker ES&S has launched one as has the state of Ohio. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
• Former Uber CSO charged for 2016 hack cover-up | ZDNet
• Trump Team Reassures Apple, Others on Using WeChat in China - Bloomberg
• TikTok Sues U.S. Government Over Trump Ban - The New York Times
• TikTok Complaint
• (1) Bobby Chesney on Twitter: "Looking forward to seeing the details of the complaint. But that said, the most TikTok possibly can get here is a delay, and thus possibly a better deal when they are sold. Courts will *not* second-guess the ultimate *merits* determination under IEEPA or CFIUS, full stop. 1/4" / Twitter
• Google fixes major Gmail bug seven hours after exploit details go public | ZDNet
• Security researcher discloses Safari bug after Apple delays patch | ZDNet
• CISA warns of BLINDINGCAN, a new strain of North Korean malware | ZDNet
• Taiwan accuses Chinese hackers of aggressive attacks on government agencies
• “DeathStalker” hackers are (likely) older and more prolific than we thought | Ars Technica
• Hackers Leak Alleged Internal Files of Chinese Social Media Monitoring Firms
• FBI, CISA Echo Warnings on ‘Vishing’ Threat — Krebs on Security
• Voice Phishers Targeting Corporate VPNs — Krebs on Security
• Feds warn election officials of potentially malicious ‘typosquatting’ websites
• Cyber Command deploys abroad to fend off foreign hacking ahead of the 2020 election
• Report claims a popular iOS SDK is stealing click revenue from other ad networks | ZDNet
• Tens of suspects arrested for cashing-out Santander ATMs using software glitch | ZDNet
• ATM makers Diebold and NCR deploy fixes for 'deposit forgery' attacks | ZDNet
• University of Utah pays $457,000 to ransomware gang | ZDNet
• Conti (Ryuk) joins the ranks of ransomware gangs operating data leak sites | ZDNet
• Weeks after malware disruption, New York hospital is getting back online
• WannaRen ransomware author contacts security firm to share decryption key | ZDNet
• Top exploits used by ransomware gangs are VPN bugs, but RDP still reigns supreme | ZDNet
• Russian National Arrested for Conspiracy to Introduce Malware into a Nevada Company's Computer Network | OPA | Department of Justice
• New P2P botnet infects SSH servers all over the world | Ars Technica
• Browser fingerprinting ‘more prevalent on the web now than ever before’ – research | The Daily Swig
• Bcrypt hashing library bug leaves Node.js applications open to brute-force attacks | The Daily Swig
• Google Firebase messaging vulnerability allowed attackers to send push notifications to app users | The Daily Swig
• US government built secret iPod with Apple’s help, former engineer says | Ars Technica
• Former Uber CSO charged with obstruction of justice - Risky Business

Yeah, I Said It!
Episode 6: Current State of Live Comedy with Vik Pandya

Yeah, I Said It!

Jul 29, 2020 (64:35)


Back to Live Comedy with Vik Pandya! Fresh off the trail in the MidWest, Vik discusses live shows during the COVID pandemic. Vik Pandya is live this Friday at CG's Comedy Club, https://cgscomedyclub.com/event-3/tw-eventinfo/Vik+Pandya/10659855/ Instagram: https://www.instagram.com/vikpandya/ YouTube: https://www.youtube.com/channel/UCLhhZ1ysskerTevBKGU1D6w Spotify: https://open.spotify.com/album/0YZWNuRVGYh3SyV3sgM0RB?si=l9Cz5ppPTuesdhBsoTK-oQ Special Thanks to our Music and Design: Cardiyac Barz: https://www.instagram.com/cardiyac_barz/ Casey Ellis: https://www.instagram.com/kingcaseyellis/ --- Support this podcast: https://anchor.fm/yeahisaiditpodcast/support

Yeah, I Said It!
Episode 5: Harold Pierre & Ty Riggs

Yeah, I Said It!

Jul 22, 2020 (69:28)


Harold Pierre: https://www.instagram.com/freshcomic/ Ty Riggs: https://www.instagram.com/tyriggsyall/ Special Thanks to our Music and Design: Cardiyac Barz: https://www.instagram.com/cardiyac_barz/ Casey Ellis: https://www.instagram.com/kingcaseyellis/ --- Support this podcast: https://anchor.fm/yeahisaiditpodcast/support

Yeah, I Said It!
Episode 4: Xavier Lamont & Dwayne Murphy

Yeah, I Said It!

Jul 13, 2020 (62:59)


What does the "D" in Kevin D. Williams stand for? This is a question that has been pondered by the masses. Not really but we find out this episode! My guests this week are comedians Xavier Lamont and Dwayne Murphy Jr. We discuss getting back on stage during the pandemic, dating and socializing in the age of covid. Get ready to laugh!!! Xavier Lamont: https://www.instagram.com/xlcomedy/ Dwayne Murphy: https://www.instagram.com/murphyjrjokes/ Special Thanks to our Music and Design: Cardiyac Barz: https://www.instagram.com/cardiyac_barz/ Casey Ellis: https://www.instagram.com/kingcaseyellis/ --- Support this podcast: https://anchor.fm/yeahisaiditpodcast/support

Yeah, I Said It!
Episode 3: Netra Netra Netra

Yeah, I Said It!

Jun 30, 2020 (63:37)


This week we talk to the hilarious Netra! One of Chicago's funniest comedians, who is originally from Houston. We discuss the differences between the two cities culturally and comically. We also learn about the challenges of performing in the various venues throughout the city. This is a hilarious episode! Find her on Instagram @netracomedy, https://www.instagram.com/netracomedy/ Special Thanks to our Music and Design: Cardiyac Barz: https://www.instagram.com/cardiyac_barz/ Casey Ellis: https://www.instagram.com/kingcaseyellis/ --- Support this podcast: https://anchor.fm/yeahisaiditpodcast/support

Risky Business
Risky Business #585 -- UK mulls Huawei ban, NGOs urge COVID-19 hack de-escalation

Risky Business

May 26, 2020


On this week’s show Patrick and Adam discuss the week’s security news, including:
• German intelligence warns of widespread Russian infrastructure hacks
• NGOs urge COVID-19 hack de-escalation
• UK mulls total Huawei ban… we think it’s a done deal
• DHS warning on 5G “moronavirus”
• Wen jailbreak? NOW JAILBREAK!!
• iOS 14 leaks
• Much, much more…
This week’s sponsor interview is with Casey Ellis, the CTO of Bugcrowd. As you’ll hear, Bugcrowd did a survey of managers in security to see if their attitudes around work from home had changed since the COVID-19 crisis, and yes, they have. Casey also tells us about Bugcrowd’s latest LevelUp virtual conference. That conversation led to him sharing some interesting insights about trends amongst the crowd of registered testers on Bugcrowd’s platform. You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here. You can subscribe to our new YouTube channel here. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing.
Show notes
• Red Cross urges halt to cyberattacks on healthcare sector amid COVID-19 - Reuters
• CyberPeace Institute - Call for Government
• FBI offers US companies more details from investigations of health care hacking
• UK cyber agency launches review of Huawei presence in 5G networks
• NSO Group Impersonated Facebook to Help Clients Hack Targets - VICE
• German intelligence agencies warn of Russian hacking threats to critical infrastructure
• The DHS Prepares for Attacks Fueled by 5G Conspiracy Theories | WIRED
• US may ‘disconnect’ with Australia over Victoria’s deal with China
• (2) Tom McIlroy on Twitter: "Statement from US Ambassador to Canberra Arthur Culvahouse - in response to reports about Mike Pompeo's comments on Victoria's Belt and Road agreement https://t.co/n8KzIAyGgJ" / Twitter
• Australia China trade war: Beijing seizes on Mike Pompeo’s ‘disconnection’ comment
• Coronavirus 'dossier' was a basic timeline of facts handed out by US State Department with no new evidence - ABC News
• There's a Jailbreak Out for the Current Version of iOS | WIRED
• How iPhone Hackers Got Their Hands on the New iOS Months Before Its Release - VICE
• Coronavirus Australia: COVIDSafe app may need privacy changes to use Apple, Google tracing tool
• Signal to move away from using phone numbers as user IDs | ZDNet
• Facebook Messenger Adds Safety Alerts—Even in Encrypted Chats | WIRED
• Hackers infect multiple game developers with advanced malware | Ars Technica
• Japan investigates Mitsubishi Electric breach amid national security concerns
• Thousands of enterprise systems infected by new Blue Mockingbird malware gang | ZDNet
• Summary of Tradecraft Trends for 2019-20: Tactics, Techniques and Procedures Used to Target Australian Networks | Cyber.gov.au
• Federal officials have arrested another accused FIN7 hacker
• Report: ATM Skimmer Gang Had Protection from Mexican Attorney General’s Office — Krebs on Security
• Ransomware deploys virtual machines to hide itself from antivirus software | ZDNet
• Turla hacker group steals antivirus logs to see if its malware was detected | ZDNet
• RangeAmp attacks can take down websites and CDN servers | ZDNet
• Google Cloud security find earns South American researcher $31k bug bounty payout | The Daily Swig
• How to perform an HTTP header smuggling attack through a reverse proxy | The Daily Swig
• New Spectra attack breaks the separation between Wi-Fi and Bluetooth | ZDNet
• Thousands of Israeli sites defaced with code seeking permission to access users' webcams | ZDNet
• Twitter adds a warning label fact-checking Trump’s false voting claims | TechCrunch
• #LevelUp 0x06 — Presented by Bugcrowd
• Bugcrowd - YouTube

Hacking into Security - Career Talks
Hacking Into Security #6 - Entrepreneurship in cybersecurity - Casey Ellis from Bugcrowd

Hacking into Security - Career Talks

May 8, 2020 (48:29)


We catch up with Casey Ellis, founder of the number one crowdsourced security platform, Bugcrowd. Through our conversation, we go through the journey of starting a business, moving countries, multimillion-dollar raises and more. Casey also shares his advice to future founders.

Security Nation
Where Tech Meets Legal: Discussing Crowdsourced Security Testing with Bugcrowd’s Casey Ellis

Security Nation

Apr 24, 2020 (46:12)


On our latest episode of Security Nation, we caught up with Casey Ellis, founder and CTO at Bugcrowd. Joining us during the 2020 RSA Conference, he takes the time to discuss normalizing vulnerability disclosure, the safe harbor debate, and the legal implications of crowdsourced security testing. Stick around for our Rapid Rundown, where Tod breaks down the recent controversy on online vs. mail-in voting, and gives the inside scoop on Rapid7’s newest project, AttackerKB.

Sticker and Sleeve: A Harvest Records Podcast
6: Kelly Kelbel of Make Noise + Nathanael talks Miles Davis

Sticker and Sleeve: A Harvest Records Podcast

Mar 4, 2020 (73:14)


Annelise and Mark are back with the second episode of Sticker and Sleeve of 2020! We took a short break to focus on in-store happenings and are excited to get the pod back in full swing. Joining us for this episode we have special guest Kelly Kelbel, co-founder of Make Noise. She tells the tale of the modular synthesizer company’s growth from a tiny in-house operation in Marshall to an international boutique synth powerhouse based in West Asheville (across the street from Harvest!). Hear about their journey from Chicken Alley to creating instruments used by folks you may have heard of, including Thom Yorke and Aphex Twin. Staff guest Nathanael paints a beautiful portrait explaining why a particular Miles Davis song speaks to him deeply, and repeatedly. AK quizzes Mark on his rock geography again and finally throws him a coupla curveballs. Complete with actual music this episode! Have a listen! Recorded, mixed and edited by Colin Miller. Theme music created and recorded by MJ Lenderman and Owen Stone. "This Week in Harvest History" theme by Casey Ellis.

KBKAST
Episode 19: Casey Ellis

KBKAST

Mar 1, 2020 (35:22)


CASEY ELLIS Casey is the Founder, Chairman, and CTO of Bugcrowd. He is an 18 year veteran of information security, servicing clients ranging from startups to multinational corporations as a pen tester, security and risk consultant and solutions architect, then most recently as a career entrepreneur. Casey pioneered the Crowdsourced Security [...]

Sticker and Sleeve: A Harvest Records Podcast
5: Emily Peele of High Five Coffee + Kim Roney talks Rodriguez

Sticker and Sleeve: A Harvest Records Podcast

Jan 20, 2020 (59:06)


Sticker and Sleeve kicks off 2020 with a bang as Annelise and Mark get deep with Emily Peele from High Five Coffee. In lieu of *actual* coffee talk, they instead dive into the thoughts, intentions and work behind the ethics and messaging of a small business. Mark and Kim Roney reminisce about their wild ride playing in the backing band for legend Sixto Rodriguez, from a sold-out Grey Eagle (11 years ago this week!) up to a sold-out Radio City Music Hall a few years later. And Annelise gets put to the test on samples used in Kanye West songs - how will she fare? Listen to find out! Recorded, mixed and edited by Colin Miller. Theme music created and recorded by MJ Lenderman and Owen Stone. "This Week in Harvest History" theme by Casey Ellis.

The Cybrary Podcast
Ep.04 Casey Ellis | Bugcrowd and Responsible Disclosures

The Cybrary Podcast

Jan 3, 2020 (59:13)


In this episode of the Cybrary Podcast, we sit down with Casey Ellis, the Founder and CTO of Bugcrowd. Speaking with Cybrary's VP of Engineering Mike Gruen, Casey explains how Bugcrowd is a community for creating feedback loops between people who think differently and how the term responsible disclosure got its name.

Sticker and Sleeve: A Harvest Records Podcast
4: Jon & Amanda from The Mothlight + "Steve Piano"

Sticker and Sleeve: A Harvest Records Podcast

Dec 23, 2019 (65:25)


In the fourth installment of Sticker and Sleeve and the final episode of 2019, Mark and Annelise start off deconstructing the good AND bad of the rampant year-end lists we all encounter this time of year. Jon and Amanda Hency, co-owners of one of our favorite music venues anywhere, sit down and discuss what it's like to run a club as a married couple, what the future looks like for The Mothlight, and how they got into this whole business in the first place. And we introduce a brand new segment, "Story Time with Steve Piano", a glimpse into the mind and experiences of one of the wildest customers we know. Recorded, mixed and edited by Colin Miller. Theme music created and recorded by MJ Lenderman and Owen Stone. "This Week in Harvest History" theme by Casey Ellis. "Story Time with Steve Piano" theme by Emily Easterly.

Sticker and Sleeve: A Harvest Records Podcast
3: John Henry Gloyne of Serpent & The Rainbow Tattoo

Sticker and Sleeve: A Harvest Records Podcast

Nov 26, 2019 (66:51)


In the third episode of Sticker and Sleeve, Mark and Annelise loosen up a bit and sit down with John Henry Gloyne of Serpent and The Rainbow Tattoo to talk music, marching to the beat of your own drum, his experience growing up (and now raising kids!) Cherokee, and the value of having a cool older sister and a supportive mom. Harvest co-owner Matt Schnable pops in to reminisce about his days living above Harvest Records with Mark, tell us what to expect this RSD Black Friday, and test his memory of bands Harvest brought to town. Will Matt remember details from shows he booked up to 13 years ago? Find out on this week's Sticker and Sleeve. Recorded, mixed and edited by Colin Miller. Theme music created and recorded by MJ Lenderman and Owen Stone. "This Week in Harvest History" theme by Casey Ellis.

Sticker and Sleeve: A Harvest Records Podcast
2: Tarleton Walmsley of Garden Party + Newt Pal!

Sticker and Sleeve: A Harvest Records Podcast

Nov 14, 2019 (60:51)


This week on Sticker and Sleeve, Tarleton Walmsley of Garden Party joins us to talk activism through business, being a part of the community, the 240 highway expansion, and, of course, demystifying and sharing the benefits of CBD. Harvest employee Newt Pal also makes an appearance to share stories of their recent travels to Japan. Hosts Mark Capon and Annelise Kopp introduce two new segments, one highlighting notable happenings in Harvest history, and the other putting Mark's music trivia prowess to the test. How will he fare? You'll have to listen to find out. Recorded, mixed and edited by Colin Miller. Theme music created and recorded by MJ Lenderman and Owen Stone. "This Week in Harvest History" theme by Casey Ellis.

The Hacker Next Door
Bug Bounty Hunter Casey Ellis

The Hacker Next Door

Nov 12, 2019 (24:20)


Bugcrowd founder Casey Ellis on employing hundreds of thousands of hackers, the big business of bug bounty programs, and how to save teenage hackers from a life of crime. Follow Bugcrowd and Casey at https://www.bugcrowd.com and https://twitter.com/caseyjohnellis. Follow Jeremy at http://jeremynsmith.com and https://twitter.com/jeremynsmith. Learn more about Breaking and Entering at http://jeremynsmith.com/breaking-and-entering.html.

Securiosity
What a week for insider threats

Securiosity

Nov 8, 2019 (48:46)


So much for Twitter’s good couple of weeks -- we break down the insider threat case that shocked everyone this week. And, believe it or not, it wasn't the only insider threat story to make news! In our interview, we talk with Casey Ellis, CTO and Founder of Bugcrowd. Casey, Greg and Jen talk about election security, vulnerability disclosure programs, and the meme sweeping the nation: ok boomer.

CISO-Security Vendor Relationship Podcast
Serious Hackers Wear TWO Black Hoodies

CISO-Security Vendor Relationship Podcast

Sep 17, 2019 (38:04)


All images and links for this episode can be found on CISO Series (https://cisoseries.com/serious-hackers-wear-two-black-hoodies/)
We're doubling down and embracing the absolute worst of hacker tropes. Put on your black hoodie and then a second one. Boot up your Matrix screensaver and listen to the latest episode of CISO/Security Vendor Relationship Podcast. This episode is hosted by me, David Spark (@dspark), producer of CISO Series and founder of Spark Media Solutions and Mike Johnson. Our sponsored guest this week is Bruce Potter (@gdead), CISO, Expel.
Here are the links to the items Bruce mentioned on the show:
• Expel's third-party assessment framework
• NIST CSF (and soon to be PF) self assessment tool
• Oh Noes! The incident response role playing game
Thanks to this week's podcast sponsor Expel
Expel is flipping today’s managed security model on its head (Ouch!) for on-prem and cloud, taking a technology-driven approach that lets analysts focus on what humans do best: exercise judgment and manage relationships. The company offers 24x7 monitoring through its security operations center-as-a-service, using the security tools customers already have.
On this week's episode
We’ve got listeners, and they’ve got questions
A listener, who wishes to remain anonymous asks, "I am a one person security organization, and I get frustrated reading industry news and even listening to the CISO Series (love the show). My frustration is that so very often articles, blogs and podcasts assume that you/your organization has a security TEAM... How do you thrive and not just survive as a security shop of one?" What can a one-person shop expect to do, and not do?
Let's dig a little deeper
Bruce is also the founder of the Shmoo Group and his wife is the organizer for the annual ShmooCon which is a hacker conference held in DC every year. I'm stunned that his 2200-person event sells out in less than 20 seconds. There is obviously huge demand to attend and speak at your event. This year's event he had 168 submitted talks and 41 were accepted. Bruce tells us what makes a great ShmooCon submission and what were the most memorable talks from ShmooCon.
"What's Worse?!"
Today's game probably speaks to the number one problem with every company's security program.
Hey, you're a CISO, what's your take on this?
An issue that comes up in security all the time is "how do you do more with less." Are there ways to advance your security program when you don't have more budget or more people to do so?
Study after study shows a top priority for cloud users is having visibility into application and data traffic. But most are not getting it. Nine out of ten respondents believe that access to packet data is needed for effective monitoring. So even though the cloud providers maintain the fortress, the enterprise still needs to see what’s going on. They’re ultimately responsible, after all. Cloud needs its own approach to monitoring, more closely based on how cloud customers interact with their data. It needs its own tools and greater level of communication between them and their providers. More on CISO Series. Check out lots more cloud security tips sponsored by OpenVPN, provider of next-gen secure and scalable communication software. OpenVPN Access Server keeps your company’s data safe with end-to-end encryption, secure remote access, and extension for your centralized UTM.
Why is everybody talking about this now?
We have talked in the past about the tired and negative image of the hacker in the black hoodie. It's pretty much all you see in stock photos. And since that's all any media outlet uses, that image just keeps getting reinforced. Poking fun and I think truly trying to find a better hacker image meme, Casey Ellis, founder of Bugcrowd, challenged others on LinkedIn to find a better "hacker stock photo" than the one he posted of hands coming out of a screen and typing on your keyboard with a cat looking on. We debate the truly worst hacker images we've seen and we propose a possible new stock image of the hacker.

Federal Drive with Tom Temin
Air Force cloud had 54 vulnerabilities before hackers found them

Federal Drive with Tom Temin

Aug 14, 2019 (8:37)


The Air Force online portal gets three-quarters of a million airmen visits a month. The cloud that hosts it, and more than 100 other apps, is a little less susceptible to cyber attacks thanks to some white-hat hackers. The Air Force, along with the Defense Digital Service and cybersecurity company Bugcrowd recently concluded a bug bounty program. The challenge exposed 54 vulnerabilities in the Cloud One host and paid out more than $130,000 to the hackers who found them. Federal News Network's Scott Maucione spoke with Casey Ellis, founder of Bugcrowd, and James Thomas of the Defense Digital Service about the contract and the challenge itself.

CyRise Sessions Podcast
CyRise Sessions with Casey Ellis

CyRise Sessions Podcast

Aug 7, 2019 (63:32)


Our guest for this episode is Casey Ellis, Founder and CTO of Bugcrowd. Bugcrowd is a crowdsourced security platform for security testing on web, mobile, source code and client-side applications. They’ve secured 51M USD in funding. Team of 150. Offices in Sydney, London, and San Francisco. Having been through the Startmate accelerator program and seen incredible success in the years since, Casey’s story is rich with learnings for startup founders.

Securiosity
Have you patched BlueKeep yet?

Securiosity

Jul 19, 2019 (43:18)


Microsoft is sending out early warnings about the 2020 election, Bluekeep patching is a mixed bag, and a company wants to use diamonds in the supply chain. In our interview, we talk with Casey Ellis from Bugcrowd on how his company has meshed the nature of pen testing with bug bounty programs to form what’s considered to be “crowdsourced security.”

ITSPmagazine | Technology. Cybersecurity. Society
When You Invest In The Community The Community Gets Stronger | Casey Ellis And Jason Haddix

ITSPmagazine | Technology. Cybersecurity. Society

Mar 14, 2019 (24:16)


Sean Martin and Marco Ciappelli chat with Bugcrowd's Casey Ellis and Jason Haddix about some of their recent news -- including their Buggy Awards, v2 of their Traffic Control capabilities, and their new partnership with Secure Code Warrior, designed to help educate and train engineers as part of the ongoing development lifecycle, shifting the InfoSec training left in the SDLC. It’s safe to say that the team at Bugcrowd is looking to do the right thing for the InfoSec community (and the industry) in pretty much every move they make and every action they take. There’s a crowd of adversaries ready and willing to take us down and we need a crowd of educated, capable and ethical hackers to combat this threat. Learn more about Bugcrowd here: https://www.itspmagazine.com/company-directory/bugcrowd

LeetSpeak with Alissa Knight
Bounty Hunters, Bugcrowd, The End of Penetration Testing, and Crowd Sourced Vulnerability Research

LeetSpeak with Alissa Knight

Dec 7, 2018 (47:01)


LeetSpeak with Alissa Knight Episode 9: Bounty Hunters, Bugcrowd, The End of Penetration Testing, and Crowd Sourced Vulnerability Research
In this 9th Episode of LeetSpeak, I interview Casey Ellis, Founder and CTO of Bugcrowd. Together, we discuss crowd sourced vulnerability research, bounty hunters, and the end of penetration testing as we know it.

The CyberWire
TSMC recovers from WannaCry infection. OpenEMR fixes 30 bugs. UK will ask Russia to extradite two GRU operators for Novichok attacks. Twitterbots flourish.

The CyberWire

Aug 7, 2018 (19:03)


In today's podcast we hear that chipmaker TSMC says the virus that shut it down in Taiwan was WannaCry. It appears to have been an incidental infection enabled by inattentive installation of software. OpenEMR fixes bugs that could have exposed millions of patient records. British authorities are said to be readying an extradition request for GRU operators they hold responsible for the Novichok attack in Salisbury—the incident has prompted Russian hacking and disinformation. Mike Benjamin from CenturyLink on DDoS attack trends. Casey Ellis from Bugcrowd with an overview of bug bounty programs. 

ThugCrowd
Ep 017.5 - Bug Bounties with Casey Ellis of BugCrowd

ThugCrowd

Jul 16, 2018 (120:49)


Show Notes: Continued from Tuesday stream. https://thugcrowd.com/notes/20180710.html

ThugCrowd
Ep 017.5 - Bug Bounties with Casey Ellis of BugCrowd

ThugCrowd

Jul 15, 2018 (120:49)


Show Notes: Continued from Tuesday stream. https://thugcrowd.com/notes/20180710.html

Cyber Security Interviews
#026 – Casey Ellis: I Enjoy Thinking Like a Criminal

Cyber Security Interviews

Jul 17, 2017 (33:56)


Bugcrowd (https://www.bugcrowd.com/). He started life in infosec as a pentester, moved to the dark side of solutions architecture and sales, and finally landed as a career entrepreneur. He’s been in the industry for 15 years, working with clients ranging from startups to government to multinationals, and awkwardly straddles the fence of the technical and business sides of information security. Casey pioneered the Bug Bounty as-a-Service model launching the first programs on Bugcrowd in 2012, and has presented at Blackhat, Defcon, Derbycon, SOURCE Boston, AISA National, and many others. He is happy as long as he's got a problem to solve, an opportunity to develop, a kick ass group of people to bring along for the ride, and free rein on t-shirt designs. In this episode we discuss fixing the Internet, bug bounty programs, designing software with security in mind, IoT security, changing security training and recruitment, responsible disclosure, entrepreneurship and starting a company, and so much more. Where you can find Casey: LinkedIn (https://www.linkedin.com/in/caseyjohnellis/) Twitter (https://twitter.com/caseyjohnellis) Blog (https://blog.bugcrowd.com/author/casey-ellis)

The CyberWire
Daily: FBI hunts Russian bears, election hacking, chat bot warnings.

The CyberWire

Sep 20, 2016 (14:59)


In today's podcast we hear about how the FBI is seeking to impose costs on Fancy Bear and Cozy Bear. Election hacking fears remain, despite DHS reassurances, and industry sources warn of privacy risks within campaign databases. Investigation continues into the ISIS-claimed weekend attacks. Cisco patches a firewall vulnerability related to a Shadow Brokers' exploit. Dr. Charles Clancy from Virginia Tech's Hume Center weighs in on the Muddy Waters Capital / St. Jude Medical legal battle. Casey Ellis from Bugcrowd explains how they crowdsource application testing. M&A activity, and another warning to beware of chat bots.

Welcome to Cybersecurity Insights and Perspectives
Interview with Casey Ellis Of Bug Crowd

Welcome to Cybersecurity Insights and Perspectives

May 27, 2016 (13:08)


Host Kevin Greene and guest Casey Ellis, CEO at Bugcrowd, discuss how bug bounty programs like Bugcrowd can help find backdoors like the one found in Juniper's ScreenOS. Ellis shares his thoughts on the obstacles to standing up a bug bounty program in the federal government. He also talks about the automation challenges in finding vulnerabilities in software, and ways to use both the human element and automation to improve vulnerability detection in software. Ellis shares his thoughts on hacker trends for 2016 and beyond.

Our Hypothetical Podcast
Episode 10: Every Cop is Batman

Our Hypothetical Podcast

Mar 9, 2016


The podcast returns with hosts Casey Ellis and Patrick Vollmer welcoming comedian Nico Thomas from Chicago's Second City into the guest's chair. Listen as our heroes discuss a world in which instead of police, every cop was Batman. Bam! Ka-Pow! Subscribe!

Our Hypothetical Podcast
Episode 9: New Year / 36 Hours

Our Hypothetical Podcast

Jan 18, 2016


In the first episode of 2016 hosts Casey Ellis and Patrick Vollmer are joined by comedian Sam Ujdak. The show starts the year off right with a discussion about having to spend the whole year with whomever you hook up with on New Year's Eve. In the second half of the show our heroes must tackle what 36 hour days would be like.

Our Hypothetical Podcast
Episode 8: Christmas Special

Our Hypothetical Podcast

Dec 4, 2015


In this yuletide episode hosts Casey Ellis and Patrick Vollmer give season's greetings to our first returning guest, comedian Jesse Louden. The guys talk about all things Christmas, like if getting a lump of coal would scar a child for life and the welfare of sentient snow men. Make some cocoa and enjoy.

Our Hypothetical Podcast
Episode 7: Year 2045 / Happy Holiday

Our Hypothetical Podcast

Nov 6, 2015


In this episode hosts Casey Ellis and Patrick Vollmer are joined by Jimmy Kimmel Live segment producer Jake Clements. The first hypothetical has our mighty heroes travel back to the future to discuss their predictions for life 30 years from now. In the second half of the show the topic turns to all holidays being rolled into one 24 hour period called Holi-Day.

Paul's Security Weekly TV
Security Weekly #438 - Bug Bounty and Responsible Disclosure

Paul's Security Weekly TV

Oct 27, 2015 (47:36)


We bring back Samy Kamkar "Samy's My Hero," and bring on special guests Casey Ellis from BugCrowd and Katie Moussouris from HackerOne. We talk about the tough ethical questions and the future of bug bounties in 5 years. Security Weekly Web Site: http://securityweekly.com Hack Naked Gear: http://shop.securityweekly.com Follow us on Twitter: @securityweekly

Paul's Security Weekly
Security Weekly #438 - 10 Year Anniversary Part 2

Paul's Security Weekly

Oct 26, 2015


Bug Bounty and Responsible Disclosure
We bring back Samy Kamkar "Samy's My Hero," and bring on special guests Casey Ellis from BugCrowd and Katie Moussouris from HackerOne. We talk about the tough ethical questions and the future of bug bounties in 5 years.
Interview with Ron Gula
We interview Ron Gula, one of the first interviews conducted on Security Weekly. Ron is a leading cybersecurity thinker, innovator, and visionary in the information security industry.
Security Weekly Web Site: http://securityweekly.com
Hack Naked Gear: http://shop.securityweekly.com
Follow us on Twitter: @securityweekly

Our Hypothetical Podcast
Episode 6: Going Commercial / Side Effects

Our Hypothetical Podcast

Play Episode Listen Later Oct 7, 2015


In this episode hosts Casey Ellis and Patrick Vollmer are joined by comedian Scott Trepper. Part one has our heroes discuss what it would be like if events in life had corporate sponsors. Things get trippy in part two where the topic is what if the effects of certain recreational substances never wore off. Intermission music by The Rods and Cones.

Our Hypothetical Podcast
Episode 5: Apply Yourself / Personal Devices

Our Hypothetical Podcast

Play Episode Listen Later Sep 8, 2015


In this episode hosts Casey Ellis and Patrick Vollmer are joined by musician Russ Levitt. Part one has the guys discussing a life in which every few years you have to re-apply with the government to continue to exist. Things get personal in part two when the discussion switches to a future where every device from your phone to your toilet has A.I. and its own personality.

Our Hypothetical Podcast
Episode 4: Rated G / The Number

Our Hypothetical Podcast

Play Episode Listen Later Aug 22, 2015


In the fourth episode hosts Casey Ellis and Patrick Vollmer are joined by comedian / author Jacob Nyenhuis. The first hypothetical situation looks at a world in which every movie has to be re-cut to be "G" rated. In the second half the guys examine a life in which floating above everyone's head is the number of people they've slept with.

Our Hypothetical Podcast
Episode 3: Endangered Dinosaurs / Weekly President

Our Hypothetical Podcast

Play Episode Listen Later Jul 20, 2015


In the third episode hosts Casey Ellis and Patrick Vollmer talk it out with guest Jesse Johnson. The first hypothetical situation deals with a world in which dinosaurs are brought back into the wild as endangered species. In the second segment, the guys talk about a new system of government that drafts a new president every week.

Our Hypothetical Podcast
Episode 2: Drunk Day / God Interview

Our Hypothetical Podcast

Play Episode Listen Later Jun 5, 2015


In this episode, hosts Casey Ellis and Patrick Vollmer are joined by comedian/actor Matt Keeley. The first hypothetical situation has the guys look into a world in which American prohibition is brought back... except for one day a year where everyone over 21 MUST be drunk. In the second half of the episode the guys talk about the prospect of interviewing god... with only three questions.

Our Hypothetical Podcast
Episode 1: Government Pizza / Internet Curfew

Our Hypothetical Podcast

Play Episode Listen Later May 5, 2015


In the premiere episode, hosts Casey Ellis and Patrick Vollmer are joined by comedian Jesse Louden. The first hypothetical situation deals with a world in which every time the government screws up, they issue you a free pizza. In the second half of the episode, the guys try to fathom a world in which from midnight to 6:00 AM... the internet shuts down.