Tags katie moussouris
The bug bounty market has some flaws of its own
Inflated bounties might be creating perverse incentives for young cybersecurity researchers and distorting the market for white-hat bug hunters.
Senators grill Uber CISO over 2016 breach, extortion incident
During the hearing, the lawmakers questioned Uber’s chief security officer while also receiving an education from experts on how bug bounty programs are supposed to operate.
The Wassenaar Arrangement's latest language is making security researchers very happy
Security researchers are saying rewritten language that includes hacking tools in a treaty that regulates the global trade in weapons technology, saying it fixes rules that, if implemented in the U.S., would have outlawed much of the daily commerce of the cybersecurity industry.
OWASP postpones publication of Top 10 app vulnerabilities draft
Postponing the publication of the new draft highlights the controversy swirling around this latest effort to revise the ubiquitous Top 10 list, which is being led by new authors after an earlier version got panned.