A brief history of vulnerability disclosure and bug bounty

Awesome three-part series by Dennis Fisher

Dennis Fisher is, in my opinion, one of the “good infosec reporters”. He's been covering cybersecurity for 10 years or more, and in that time he has seen a lot of growth and evolution of the relationship between the hacker community and the people that build and protect software.

A few months ago I interviewed with Dennis to talk about what I have seen through the course of ideating and starting Bugcrowd, as well as the changes that we've seen in laws and company interactions with respect to the role of the white hat hacker in securing the Internet. Dennis interviewed a ton of the other “usual suspects” in the space like Katie Moussouris, Dino Dai Zovi, Charlie Miller, Alex RoRo Romero, Lisa Wiswell, and more - and the resulting series is a fantastic read!

Here it is:

  1. LAWYERS, BUGS, AND MONEY: WHEN BUG BOUNTIES WENT BOOM

  2. UPRISING IN THE VALLEY: WHEN BUG BOUNTIES WENT BOOM, PART TWO

  3. ‘DRIVE IT LIKE YOU STOLE IT’: WHEN BUG BOUNTIES WENT BOOM, PART THREE

The interesting thing about our space is it’s very loud, very topical, and easy to have an opinion on - I think this article does an excellent job of unfolding the story of the evolution of our space through the voices of those who were there.

Huge thanks to Dennis for telling our story!