Little Bugs – SCW #88
Full Audio
View Show IndexSegments
1. Compliance and “The Crowd”, Part 1 – Casey Ellis – SCW #88
Crowdsourcing and multi-sourcing focus on risk identification and reduction, and they seem to be effective... but my auditor doesn't understand what it is yet - Will it meet the requirements of security compliance standards? Jeff and Casey will dig into the hits and misses of plugging novel assurance approaches into established markets.
Announcements
In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.
InfoSec World 2021 is proud to announce its keynote lineup for this year’s event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on Digital Pass registration! Visit https://securityweekly.com/isw2021 to register now!
Guest
Casey is the Founder and Chief Strategy Officer of Bugcrowd, as well as the co-founder of The disclose.io Project. He is a 20+ year veteran of information security who entered the space from a youth spent inventing things and generally getting technology to misbehave. Prior to Bugcrowd, Casey entered information security as a penetration tester and security researcher, before wearing a variety of hats ranging from solutions architecture and sales to CSO, and finally landing as a career cybersecurity entrepreneur.
Casey pioneered Crowdsourced Security as-a-Service, launching Bugcrowd and its first bug bounty programs in 2012, and co-founded the disclose.io vulnerability disclosure standardization and adoption project in 2014.
Hosts
2. Compliance and “The Crowd”, Part 2 – Casey Ellis – SCW #88
Crowdsourcing and multi-sourcing focus on risk identification and reduction, and they seem to be effective... but my auditor doesn't understand what it is yet - Will it meet the requirements of security compliance standards? Jeff and Casey will dig into the hits and misses of plugging novel assurance approaches into established markets.
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Guest
Casey is the Founder and Chief Strategy Officer of Bugcrowd, as well as the co-founder of The disclose.io Project. He is a 20+ year veteran of information security who entered the space from a youth spent inventing things and generally getting technology to misbehave. Prior to Bugcrowd, Casey entered information security as a penetration tester and security researcher, before wearing a variety of hats ranging from solutions architecture and sales to CSO, and finally landing as a career cybersecurity entrepreneur.
Casey pioneered Crowdsourced Security as-a-Service, launching Bugcrowd and its first bug bounty programs in 2012, and co-founded the disclose.io vulnerability disclosure standardization and adoption project in 2014.