Bugcrowd founder Casey Ellis joins #lifeafterCISO to talk about bug bounty programs in the wake of the Joe Sullivan Uber trial. Whether you've been running bounty programs for years or just learned of them last week, this conversation will take you from basics straight into the most interesting and controversial bits.
01:25 The Joe Sullivan Uber trial and its impact on bug bounties
10:30 Clearing Assurance Debt: The initial wave of bounties
15:40 Ostrich Risk Management
22:55 Vulnerability Disclosure Programs as a proxy for security maturity
44:00 Take 10% or 10 records of our data - whichever is smaller