skip to Main Content

Topic: Conferences & Events

Insights From AppSec Veteran, Richard Rushing

Last week we launched our 2017 CISO Investment Blueprint which analyzes survey responses from 100 security decision makers regarding the current state of application security. In addition to the survey results, we’ve chatted with several innovators in the security industry to get their thoughts on appsec today and the future.

Over the next couple of months, we’ll be publishing these interviews, filled with insights around the challenges and opportunities present for security decision-makers in 2017. We welcome your feedback and observations as well! Tweet us or shoot us an email to share your thoughts.

Read More

A hacker at CES: An analysis of security at the Consumer Electronics Show

I recently attended the world’s largest consumer technology show in the world: CES. It was my first time at the show and I was excited to not only see the latest gadgets, but also attend some of the sessions. Of course, as a hacker I couldn’t help but apply the “how to break in” filter to everything I saw, especially with the growth of IoT as an attack vector in the last couple of years. I didn’t go it alone: my friend and colleague Daniel Miessler joined me. Daniel is the Director of Advisory Services at IOActive and project leader for the OWASP IoT project.

Read More

Top 2017 AppSec Challenges and Investment Areas

At the close of 2016, we surveyed 100 CISOs and decision makers to get a sense of their 2017 security priorities. The full report will be released at a later date. In the meantime, you can learn more about a few of the top application security focus areas and challenges in this post.

Read More

A Hacker at CES

Today is the first day of another Consumer Electronics Show–CES. Launched 50 years ago the show has been the place to see the latest gadgets, but over the last several years the scope of the show has grown. From cars to drones to personal fitness devices, the show once named for the consumer “electronics” it showcased now features all things consumer technology. 

Read More

Bug Bounties: Risk and Reward

Today our CEO, Casey Ellis, and founder and attorney at Cipher Law, James Denaro stepped on stage at AppSecUSA 2016 to talk about the logistics and legalities of bug bounties. They talked through some of the most common concerns people have about bug bounties and discussed both ways to address those concerns, as well as implement liability controls.

Read More

2016 Black Hat, DEFCON, BSides Wrap Up

Now that we’ve rested our feet, drank some water, and adjusted from the Las Vegas time warp, we thought we’d give a brief recap of our week. In the six days we spent boots down in Vegas, we caught some great talks with some of our favorite people, threw, sponsored and attended awesome events, and as always, met amazing folks from the InfoSec community.

Read More

Bugcrowd’s RSAC 2016 by the Numbers

72,000 Steps

Now that we’ve had a moment to settle from the chaos that was the 25th Annual RSA Conference on our home turf, we’d like to take a moment to jot down some thoughts and give you a look at our highlights – by the numbers. We’ll start with the average 72,000 steps “we” took from Monday to Friday, strutting our Bugcrowd gear around Moscone, meeting with incredible people, and generally getting amongst the action.
Read More

On the U.S. Government and Bug Bounties

My favorite thing about going to conferences is establishing the underlying trends behind the questions I’m asked. We’re only half-way through RSAC/BSides week, and already the dominant question is clear:

When is the government going to start a bug bounty program?

Here’s my answer:

The government has no choice but to adopt a crowdsourced model for vulnerability discovery, it’s more a question of when will the pain of staying the same exceed the pain of change.

Read More
Learn More About The Most Critical Vulnerabilities of 2019Download Report
Back To Top