Overview
Explore a thought-provoking conference talk on cybersecurity strategies and bug bounty programs. Delve into the complexities of hacker motivation, perverse incentives, and the challenges faced by organizations in implementing effective security measures. Learn about real-world examples from Microsoft and the U.S. military, and discover practical solutions for improving cybersecurity processes. Gain insights on balancing security efforts, understanding the labor market for hackers, and implementing smarter security practices. Engage with topics ranging from midlife crises to armored vehicle chases, all while examining the evolving landscape of cybersecurity and bug bounty programs.
Syllabus
Introduction
Midlife Crisis
Silver Bullets
Friend vs Foe
Armored Vehicle Chase
Its Not the Bugs
Bug Bounty Myths
Hacker Motivation
The Numbers
How Long Will This Last
Perverse Incentives
Dilbert
Microsoft Bug Bounty
Hack the Pentagon
Army vs Navy
Registration Numbers
How do we deal with this
The proposed solution
What can you do
Go hack yourself
Processes
Balance
References
Hack Our Labor Market
Questions
Taught by
Hack In The Box Security Conference