"How the crowd is discovering critical vulns missed by traditional methods"

Title "How the crowd is discovering critical vulns missed by traditional methods"

State of the art security programs are turning to bug bounties to leverage a vast array of skill-sets and knowledge. Learn why these programs work, when to deploy them, and how you can bring these new application security testing capabilities into your own organization. The speaker will discuss real world examples from bug bounties and focus on cases where business logic flaws and high priority vulnerabilities were found ... even with existing security testing processes in place.

Attendees will learn:

Testing methods deployed by our crowd that help them find bugs the scanners miss

Examples of the high quality of bugs our crowd is finding, including P1'sTrends which vulnerability types are found most often and why. What is the ROI on the pay for performance model? Where does the SDLC merge into crowdsourced testing?

Speaker BIO:

BIO:

Leif Dreizler, Senior Security Engineer, Bugcrowd:

Leif is a Senior Security Engineer at Bugcrowd, the innovator in crowdsourced security testing for the enterprise. Prior to joining Bugcrowd, Leif was a Senior Application Security Engineer at Redspin, performing application security assessments. During his time at Redspin he also served as the Application Team Lead, liaising with clients at the engineering and sales level. He has also made minor contributions to the Firebug project. Leif attended the University of California, Santa Barbara where he studied Computer Science. Leif recently spoke to the NYC Security Meet-up group.