Managing Bug Bounty Programs At Scale – Dr. Jared DeMott – PSW #796
Jared has a long, and outstanding, history in cybersecurity. Today, he works for Microsoft helping them run and respond to bug bounty reports. The scale is massive and I think we can all learn a thing or two about vulnerability management and bug bounties!
Segment Resources:
https://www.microsoft.com/en-us/msrc/bounty?rtc=1 https://www.microsoft.com/en-us/msrc https://msrc.microsoft.com/report/vulnerability/new https://www.microsoft.com/en-us/msrc/bounty https://msrc.microsoft.com/blog/ https://jobs.careers.microsoft.com/global/en/search?q=msrc&l=en_us&pg=1&pgSz=20&o=Relevance&flt=true https://www.microsoft.com/bluehat/
Announcements
Security Weekly listeners: Now is your chance to join the infosec community as they come together at InfoSec World 2023, September 23 – 28, 2023 at Disney's Coronado Spring Resort in Lake Buena Vista, FL. Hear keynotes from Scott Shapiro, Founding Director at Yale CyberSecurity Lab’s and Rachel Wilson, Managing Director and Head of Cybersecurity at Morgan Stanley.
As a Security Weekly community member, you’re able to receive 20% off your InfoSec World 2023 tickets using code ISW23-SECWEEK20! Register today: securityweekly.com/infosecworld2023
Guest
Background: I cut my cyber teeth at the NSA, gaining important vulnerability research skills. I then shared my AppSec knowledge by teaching at various conferences and universities. I was a leader in successful malware, monitoring, and pentest startups.
Industry Passion: I manage a team in Microsoft, protecting products and customers by turning bug bounty reports into fixes for cloud services. I love the field and I’m thankful for the opportunities to make the world a little safer.
Personal Passion: Outside of work, you might find me doing all kinds of random and fun things with my family — traveling, swimming, biking, you name it.
Program Improvements: I bring an entrepreneurial spirit to build fun and inclusive teams that achieve outsized impacts.
