What if I told you that the industry average is 15-50 bugs per 1000 lines of code? You may not care if you’re creating a homebrewed script, but what if you are in charge of launching the SpaceX rocket?
What if you are Lewis Hamilton driving for Mercedes Formula 1 and a software glitch causes you to lose a three-second lead at the Australian Grand Prix? What if you are a general in charge of military forces using tools that include the same software I can buy on Amazon or Alibaba?
With so much of our world now driven by software, everything is on the line: money, property, even lives. Perfection is never going to be an option, but it is fair to say that we need to be as close to perfect as possible.
In this episode of the InSecurity Podcast, host Matt Stephenson is joined by Katie Moussouris to talk about bugs and bug bounties and the impact they can have on security and privacy. Katie is an industry legend perhaps best known for creating Microsoft’s first Bug Bounty program in 2013.
Katie breaks it all down: who needs a bug bounty? Is a bug bounty program even appropriate for a company? There are risks inherent in every question and every answer.
About Katie Moussouris
She is a noted authority on vulnerability disclosure & bug bounties, advising companies, lawmakers, and governments on the benefits of hacking & security. Katie is a hacker – first hacking computers, now hacking policy and regulations.
About Matt Stephenson
*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by Cylance Podcasts. Read the original post at: https://threatvector.cylance.com/en_us/home/insecurity-podcast-katie-moussouris-breaks-down-bug-bounty-programs.html