
HITB2014AMS – Interview with Katie Moussouris

Hi all,

I had the pleasure to meet with Katie Moussouris after her keynote at Hack In The Box. After the announcement that she has left Microsoft and now serves as Chief Policy Officer (CPO) at HackerOne, I wanted to ask her 2 questions about this new step in her career:

Peter: Why HackerOne?

Katie: I’m really excited about the move and my new role as CPO, because a part of the role is to work with both vendors and community, to help streamline the vulnerability disclosure process; and with policy makers and lawmakers, to help them understand that vulnerability disclosure is not just something that must be tolerated. Laws were written at a time when vulnerability research wasn’t really well understood, which means a lot of the work is “illegal” to a certain extent. The work on ISO standards will hopefully help make policy makers understand that changes are needed and that the community and industry are willing to join efforts and be pro-active in putting guidelines on paper that hopefully will get adopted by both vendors and researchers.

Peter: What is HackerOne?

Katie: HackerOne offers a vulnerability disclosure platform. A lot of organisations don’t have the ability or means to put a full-blown vulnerability disclosure platform in place. HackerOne offers use of the platform for free, and when a vendor decides to offer a bug bounty to vulnerability researchers, HackerOne will simply charge a percentage to the vendor. Additionally, HackerOne doesn’t require researchers to sign an NDA before they submit bugs.

HackerOne is a startup, based in San Francisco, with employees and engineers all around the world. HackerOne are the humble hosts of the Internet Bug Bounty, which rewards friendly hackers who contribute to a more secure internet. The program is made possible by the generosity of several sponsors (including Microsoft and Facebook) whose entire contributions directly fund the bounties paid to researchers. You can find more information about HackerOne at www.hackerone.com

Peter: Thank you for your time

Katie: Thank you!


2014, Corelan Team (corelanc0d3r). All rights reserved.
