Managing Bug Bounty Programs At Scale - Dr. Jared DeMott - PSW #796

Paul's Security Weekly (Audio)

Aug 24, 2023•3 hr 23 min

--:--

Listen in podcast apps:

Apple Podcasts

Spotify

Download

Listen to this episode in Metacast mobile app

Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Jared has a long, and outstanding, history in cybersecurity. Today, he works for Microsoft helping them run and respond to bug bounty reports. The scale is massive and I think we can all learn a thing or two about vulnerability management and bug bounties!

Segment Resources: https://www.microsoft.com/en-us/msrc/bounty?rtc=1

https://www.microsoft.com/en-us/msrc

https://msrc.microsoft.com/report/vulnerability/new

https://www.microsoft.com/en-us/msrc/bounty

https://msrc.microsoft.com/blog/

https://jobs.careers.microsoft.com/global/en/search?q=msrc&l=en_us&pg=1&pgSz=20&o=Relevance&flt=true

https://www.microsoft.com/bluehat/

In the Security News: Lora projects are popular, simple checksums are not enough, WinRAR: shareware or native OS?, ATM software is vulnerable, attackers could learn from security researchers (but lets hope they don’t), NoFilter and behavior by design, Apple vs. A security researcher: there are no winners, sneaky npm packages, faster Nmap scans, kali on more phones, more LOl drivers, comparing security benchmarks to the real world, tunnelcrack and why VPNs are over-hyped, Ubuntu has lost its mind, and there’s a Python in the sheets! All that and more on this episode of Paul’s Security Weekly!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Like us on Facebook: https://www.facebook.com/secweekly

Show Notes: https://securityweekly.com/psw-796

For the best experience, listen in Metacast app for iOS or Android