HackerOne released a free model that assesses an organization’s readiness to accept outside vulnerability reports.
Tag Archives: Katie Moussouris
Stakeholders Argue Against Restrictive Wassennaar Proposal
The commenting period regarding the Wassenaar Arrangement expired on Monday but the echo chamber around the largely maligned proposal continues to reverberate.
Bug Bounties in Crosshairs of Proposed US Wassenaar Rules
Bug bounties and rewards programs provide researchers with a measure of income, and if the proposed Wassenaar rules are implemented in the U.S., that initiatives could be adversely impacted.
Security Researchers Wary of Proposed Wassenaar Rules
The Commerce Department’s Bureau of Industry and Security today made public its proposal to implement the controversial Wassenaar Arrangement.
Adobe Starts Vulnerability Disclosure Program on HackerOne
Adobe launched its first vulnerability disclosure program this week. It will use the HackerOne platform and will not pay out bounties, instead researchers can bulk up their HackerOne reputation scores. Only vulnerabilities in Adobe web applications or web-based services are in scope.
Katie Moussouris on Starting a Bug Bounty Program
In this video from last week’s Security Analyst Summit, HackerOne’s Katie Moussouris explains the main thing companies that want to start a bounty program or vulnerability incentive program need to know: There is no one size fits all.
Don’t Build a Bounty Program; Build an Incentive Program
At the Security Analyst Summit, Katie Moussouris encouraged enterprises to build bug bounty programs that feed a software development lifecycle.
Be Ready: Next Internet Bug Won’t Be The Last
Panelists at the Advanced Cyber Security Center annual conference discuss how readiness for the next Internet-scale bug is no longer a luxury.