Going Inside the Mind of an Ethical HackerCasey Ellis of Bugcrowd on Bringing Vulnerabilities Out in the Open So They Can Be Fixed
Casey Ellis, founder and CTO of Bugcrowd, shares insights from the company's annual report, Inside the Mind of a Hacker 2021, which reveals that 8 out of 10 ethical hackers recently identified a vulnerability they had never seen before.
See Also: Managing API Security
He attributes this, in part, to the rapid shift to remote working when "we did a lot of pretty wacky stuff very quickly with technology as the pandemic kicked in."
Ellis advises organizations to assume that "there is going to be a broken thing somewhere, as a baseline." Once businesses make that cultural shift, he says, "all of the things that happen on top to detect risk and then prevent it, and learn from it to try to avoid it in the future become a lot easier because it's not dirty laundry anymore or something to be ashamed of."
In a video interview with Information Security Media Group, Ellis discusses:
- Findings from the Bugcrowd report;
- The gaps in enterprises' defenses that allow vulnerabilities to perpetuate;
- How organizations can adopt the mindset of an ethical hacker to improve their cybersecurity.
Ellis is the founder, chairman and CTO of Bugcrowd. He is a 20-year veteran of information security, servicing clients ranging from startups to multinational corporations as a pentester, security and risk consultant, solutions architect and most recently as a career entrepreneur.