David Baker

Chief Security Officer at Bugcrowd.
Recent Posts
Data Privacy Day? Here’s what you need to know.

Happy Data Privacy Day! Data Privacy Day is an annual awareness day to spotlight and foster education around online privacy and data protection. The National Cyber Security Alliance, Stay Safe Online holds Data Privacy Day every year on January 28 to commemorate the first legally-binding international treaty concerning privacy and data protection. Some of the

By Thought Leadership
Top Challenges of Traditional Pen Tests

Penetration testing has become common practice for vulnerability assessment over the past decade. There are several reasons why people do pentests. Identifying risky vulnerabilities for developers to address is great practice for risk reduction. That being said, many times the reasons to commission pentests is regulatory compliance, customer expectation, or contractual requirements — just to

By Thought Leadership
Bugcrowd Achieves SOC 2 Type I Compliance

As a security company, our customers expect us to have a mature world-class security program. Their data is sensitive, and they expect the companies that store it on their behalf, to have the best security measures in place to keep it secure.   At Bugcrowd, we’’re constantly updating our security, and each step we take

By Bugcrowd News
2018 CISO Investment Blueprint

As we saw in 2017, the number of data breaches and cyber-attacks is not slowing down. What’s more, security leaders are still focused on finding and investing in defensive tools to combat cybercrime. And yet still, adversaries are getting more innovative and outpacing what tools are able to defend. We no longer live in a

By Company ResourcesThought Leadership
Announcing Our ISO 27001 Certification

We hit a big milestone for Bugcrowd today. We are excited to announce we’re ISO 27001 certified! ISO 27001 is one of the most widely recognized and internationally accepted information security standards. It’s one of the few standards that uses a top-down, risk-based approach to evaluation. It identifies requirements and specifications for a comprehensive Information Security

By Bugcrowd News