Preview Mode Links will not work in preview mode

Oct 14, 2013

In this episode...

  • James and I host legitimate Polynesian royalty (a princess....) really!
  • Katie gives us the skinny on Microsoft's 10 year progression to get to a bug bounty program
  • We discuss the merits of bug bounties and execution in a very large enterprise
  • Katie gives us as many details as she can about the recent $100,000 payout
  • Much... much ... more!

Guest

  • Katie Moussouris ( @k8em0 ) - Katie runs the Security Community Outreach and Strategy team for Microsoft as part of the Microsoft Security Response Center (MSRC) team to help drive crucial elements of our security community strategy effort. She is a Senior Security Strategist Lead, and let's not sell her short - she is royalty!
    She created and drove the first ever Microsoft security bounty programs (www.microsoft.com/bountyprograms). Which received 18 vulnerabilities and a new attack technique that will help Microsoft build stronger defenses that will protect the entire platform from this new class of attack.
    She serves as lead subject matter expert in the US National Body for the ISO work item 29147 "Vulnerability Disclosure", scheduled for publication in 2013, and does countless other efforts associated with the ISO standards body and various other industry groups.