
HITB2014AMS – Interview with Katie Moussouris

Hi all,

I had the pleasure of meeting Katie Moussouris after her keynote at Hack In The Box. After the announcement that she has left Microsoft and now serves as Chief Policy Officer (CPO) at HackerOne, I wanted to ask her 2 questions about this new step in her career:

Peter: Why HackerOne?

Katie: I’m really excited about the move and my new role as CPO, because a part of the role is to work with both vendors and community, to help streamline the vulnerability disclosure process; and with policy makers and lawmakers, to help them understand that vulnerability disclosure is not just something that must be tolerated. Laws were written at a time when vulnerability research wasn’t really well understood, which means a lot of the work is “illegal” to a certain extent. The work on ISO standards will hopefully help policy makers understand that changes are needed and that the community and industry are willing to join efforts and be pro-active in putting guidelines on paper that hopefully will get adopted by both vendors and researchers.

Peter: What is HackerOne?

Katie: HackerOne offers a vulnerability disclosure platform. A lot of organisations don’t have the ability or means to put a full-blown vulnerability disclosure platform in place. HackerOne offers use of the platform for free, and when a vendor decides to offer a bug bounty to vulnerability researchers, HackerOne will simply charge a percentage to the vendor. Additionally, HackerOne doesn’t require researchers to sign an NDA before they submit bugs.

HackerOne is a startup, based in San Francisco, with employees and engineers all around the world. HackerOne are the humble hosts of the Internet Bug Bounty, which rewards friendly hackers who contribute to a more secure internet. The program is made possible by the generosity of several sponsors (including Microsoft and Facebook) whose entire contributions directly fund the bounties paid to researchers. You can find more information about HackerOne at www.hackerone.com

Peter: Thank you for your time

Katie: Thank you!


 

© 2014, Peter Van Eeckhoutte (corelanc0d3r). All rights reserved.
