To get in touch about speaking at your event, email [email protected]
Media Packet
1,042 items across 6 categories — press, broadcast, stage, and paperwork. Captured, displayed, and archived for posterity.
1,042 items
Press
SearchSecurity reported on CISA's selection of Bugcrowd to provide the platform for a new federal vulnerability disclosure program serving U.S. government agencies. Casey Ellis, Bugcrowd's co-founder and chief technology officer, supported the initiative as part of the company's effort to expand coordinated vulnerability management across the public sector.
Press
The Hacker News published a feature article in 2021 identifying five top bug bounty programs for security researchers to monitor and engage with throughout the year. Bugcrowd, which Ellis co-founded, was included among the platforms highlighted for its role in connecting researchers with organizations seeking vulnerability disclosure.
Broadcast
A podcast episode on Mission.org explores artificial intelligence and technology's effects on society and cybersecurity. Casey Ellis discusses Bugcrowd's founding, the importance of legal pathways for security researchers, and methods organizations can use to establish security-first cultures.
Press
A SearchSecurity feature examines how legal threats under laws like the CFAA can discourage security researchers from disclosing vulnerabilities and conducting important research. Casey Ellis discusses the tension between legal risk and the need for responsible vulnerability disclosure in security research.
Press
Bank Info Security published an analysis examining whether offensive cyber operations against ransomware gangs could effectively disrupt their activities. Casey Ellis discusses the potential risks and legal implications of such aggressive defensive tactics in response to escalating ransomware threats.
Press
CyberWire's Privacy Briefing newsletter from June 2021 examines healthcare data breaches and whether compliance with privacy regulations is driven primarily by fear of financial penalties. Casey Ellis provides analysis on the motivations behind organizational privacy practices and regulatory compliance in the healthcare sector.
Press
Solutions Review published expert commentary on a ransomware attack affecting a Georgia fertility clinic. Ellis discussed the incident's implications for healthcare cybersecurity and the vulnerabilities that made the clinic a target for attackers.
Press
An opinion piece in the Australian Financial Review argues that Australian businesses must prioritize cybersecurity in an increasingly hostile digital environment. Casey Ellis calls for organizations to embed security into their operational strategy rather than treating it as an afterthought to achieve long-term resilience.
Press
CPO Magazine published an analysis of the U.S. Supreme Court's Van Buren v. United States decision, which narrowed the Computer Fraud and Abuse Act's scope. Casey Ellis is cited for his perspective on how the ruling benefits security researchers by providing clearer legal boundaries for vulnerability research and disclosure.
Press
Digital Journal published an analysis of the U.S. Supreme Court's decision narrowing the scope of the Computer Fraud and Abuse Act. Casey Ellis discusses the implications of the ruling for security researchers and the broader cybersecurity landscape.
Broadcast
App Sec Stats Flash podcast segment from May 2021 addresses the role of ethical hackers in cybersecurity. Casey Ellis argues that ethical hackers serve as essential defenders rather than criminals, emphasizing their positive contribution to strengthening security systems.
Patents
U.S. Patent 11,019,091 outlines systems and methods for detecting vulnerabilities in IT assets through crowdsourced analysis of security data and feature vectors. The patent, filed by Casey Ellis, describes how similarity measurements between target systems and a corpus of known vulnerabilities enable community experts to identify previously unknown security weaknesses.
Press
Crowd Sourcing Week published a Q&A interview with Casey Ellis, founder and chairman of Bugcrowd, in May 2021. Ellis discusses the crowdsourced security model and explains how the bug bounty industry addresses vulnerability discovery and remediation at scale.
Press
A Bank Info Security article from May 2021 examines the challenges and opportunities of implementing Security Orchestration, Automation and Response technologies in organizations. Casey Ellis discusses how SOAR deployment requires careful planning and addresses both the technical and operational barriers that security teams encounter during implementation.
Press
An interview published in Bank Info Security examines the evolving landscape of software vulnerabilities and how organizations adapt their security strategies. Ellis discusses the changing dynamics around software flaw discoveries and exploits, addressing shifts in how enterprises approach vulnerability management.
Press
iT Wire published "How might we build a new internet?" in April 2021, exploring theoretical and practical challenges of designing a more secure and resilient internet infrastructure. Casey Ellis contributes perspectives on the foundational security and resilience requirements necessary for internet redesign efforts.
Press
The Daily Swig published an article examining a GitHub repository that documents legal threats faced by ethical hackers during vulnerability disclosure processes. Casey Ellis is cited as a contributor to the repository, which catalogs cases where security researchers encountered legal action despite following responsible disclosure practices.
Stage
A Nullcon stage presentation from March 2021 titled "Security Research and Disclosure: The Unauthorized Biography" features Casey Ellis discussing the evolution of security research and market dynamics. Ellis covers how bug hunters can identify and capitalize on valuable research opportunities within the current threat landscape.
Patents
U.S. Patent 10,972,494, filed in 2021, covers systems and methods for detecting vulnerabilities in IT assets through crowdsourced analysis of security attributes and attack surface comparisons. The patent, which lists Casey Ellis as an inventor, describes using feature vectors and community expert review to identify unknown vulnerabilities in target systems based on similarity measures within a corpus of known vulnerable assets.
Broadcast
ITSPmagazine podcast episode from March 2021 examines the distinction between ethical hackers and malicious cybercriminals. Ellis discusses how non-profit organizations and community groups support legitimate hacking practices that benefit society by enabling security research and vulnerability disclosure.
Press
Duo Security's Plaintext podcast episode five features an interview with Bugcrowd founder Casey Ellis. Ellis discusses the history and evolution of bug bounty programs, the maturation of the industry, and his vision for the future of crowdsourced security.
Press
ITSPmagazine published a feature examining findings from Bugcrowd's 2020 Inside the Mind of a Hacker report. Ellis provided context on demographic data, motivations, and specializations across the global ethical hacker community revealed in the research.
Press
The Supreme Court's decision to narrow the Computer Fraud and Abuse Act was covered by SC Magazine in March 2021. Casey Ellis was cited as welcoming the ruling for its potential to protect security researchers and ethical hackers from overly broad legal interpretations.
Press
Bank Info Security reported on the U.S. Supreme Court's decision in Van Buren v. United States, which narrowed the scope of the Computer Fraud and Abuse Act. Casey Ellis commented on the ruling's implications for security researchers and the vulnerability disclosure landscape.
Broadcast
A 2021 podcast episode from Bugcrowd features Casey Ellis discussing findings from the 2020 Hacker Report alongside other security professionals. Ellis addresses the growing demand for ethical hackers and examines how artificial intelligence may shape the future of cybersecurity.
Broadcast
A February 2021 episode of Cybrary's 401 Access Denied podcast features Casey Ellis and Katie Moussouris discussing vulnerability disclosure programs. Ellis and Moussouris outline best practice steps for organizations to safely receive and act on vulnerability information through formal disclosure programs.
Press
Digital Journal published an article warning about phishing campaigns using fake COVID-19 vaccine emails to steal personal data. Casey Ellis commented on the tactics hackers employ in these scams and advised on protection measures against vaccine-related fraud.
Press
Digital Journal reported on a data breach affecting a Florida-based child welfare organization that exposed sensitive personal information. Casey Ellis provided analysis and guidance on the breach's implications and recommended security measures for similar organizations.
Broadcast
Bugcrowd published a Security Flash video on YouTube examining a critical vulnerability in Microsoft's TCP/IP stack. Casey Ellis explains the vulnerability's potential impact and outlines mitigation steps organizations should take to address the issue.
Press
Bugcrowd published a webinar on January 27, 2021, examining the security failures at Parler during a major breach. Casey Ellis delivers a technical breakdown of the exploited vulnerabilities and discusses lessons in API security practices.