Casey Ellis, Costin Raiu, and The Grugq talk about vulnerability disclosure.
Casey Ellis, (Founder/Chairman/CTO @ BugCrowd);
Costin Raiu, (Director of Global Research and Analysis Team at Kaspersky);
The Grugq, (Moderator)
Casey is the Founder, Chairman, and CTO of Bugcrowd. He is an 18 year veteran of information security, servicing clients ranging from startups to multinational corporations as a pentester, security and risk consultant and solutions architect, then most recently as a career entrepreneur. Casey pioneered the Crowdsourced Security as a Service model launching the first bug bounty programs on the Bugcrowd platform in 2012, and co-founded the disclose.io vulnerability disclosure standardization project in 2016. A proud ex-pat of Sydney Australia, Casey lives with his wife and two kids in the San Francisco Bay Area. He is happy as long as he’s passionately pursuing potential.
Costin specializes in analyzing advanced persistent threats and high-level malware attacks. He is leading the Global Research & Analysis Team (GReAT) at Kaspersky that researched the inner workings of Stuxnet, Duqu, Carbanak and more recently, Lazarus, BlueNoroff, Moonlight Maze and the Equation group. Costin’s work includes analyzing malicious websites, exploits and online banking malware. Costin has over 24 years of experience in anti-virus technologies and security research. He is a member of the Virus Bulletin Technical Advisory Board, a member of the Computer AntiVirus Researchers’ Organization (CARO) and a reporter for the Wildlist Organization International. Before joining Kaspersky, Costin worked for GeCad as Chief Researcher and as a Data Security Expert with the RAV antivirus developers group. Costin joined Kaspersky Lab in 2000 and became the Director of the Global Research & Analysis Team in 2010.
grugq has been analyzing and authoring content about applied security, cyber, operational, and otherwise for around 25 years. His writings range from in-depth papers on forensics and anti-forensics, to detailed analysis of events that skirt both international espionage and cyber security. grugq has been cited in The New York Times, The Washington Post, Wired (magazine), and Vice (magazine) as well as referenced at security conferences. grugq has grown a large following online and as of April 2019 had over 102k followers on Twitter and over 30k followers on Medium.