HITB2014AMS – Interview with Katie Moussouris
Hi all,
I had the pleasure to meet with Katie Moussouris after her keynote at Hack In The Box. After the announcement that she has left Microsoft and now serves as Chief Policy Officer (CPO) at HackerOne, I wanted to ask her 2 questions about this new step in her career:
Peter: Why HackerOne?
Katie: I’m really excited about the move and my new role as CPO, because a part of the role is to work with both vendors and community, to help streamline the vulnerability disclosure process; and with policy makers and lawmakers, to help them understand that vulnerability disclosure is not just something that must be tolerated. Laws were written at a time when vulnerability research wasn’t really well understood, which means a lot of the work is “illegal” to a certain extent. The work on ISO standards will hopefully help make policy makers understand that changes are needed and that the community and industry are willing to join efforts and be proactive in putting guidelines on paper that hopefully will get adopted by both vendors and researchers.
Peter: What is HackerOne?
Katie: HackerOne offers a vulnerability disclosure platform. A lot of organisations don’t have the ability or means to put a full-blown vulnerability disclosure platform in place. HackerOne offers use of the platform for free, and when a vendor decides to offer a bug bounty to vulnerability researchers, HackerOne will simply charge a percentage to the vendor. Additionally, HackerOne doesn’t require researchers to sign an NDA before they submit bugs.
HackerOne is a startup, based in San Francisco, with employees and engineers all around the world. HackerOne are the humble hosts of the Internet Bug Bounty, which rewards friendly hackers who contribute to a more secure internet. The program is made possible by the generosity of several sponsors (including Microsoft and Facebook) whose entire contributions directly fund the bounties paid to researchers. You can find more information about HackerOne at www.hackerone.com
Peter: Thank you for your time
Katie: Thank you!
© 2014, Peter Van Eeckhoutte (corelanc0d3r). All rights reserved.