Bugcrowd Blog

Keith Hoodlet

Trust & Security Engineer

Recent Posts

The Personalities That Put the “Crowd” in Bugcrowd (Part 2 of 3)

Posted by Keith Hoodlet on Dec 7, 2017 9:02:00 AM

Previously, in The Personalities that Put the “Crowd” in Bugcrowd (Part 1 of 3), I covered both the “Knowledge-Seeker” and “Hobbyist” personality types as part of the five distinct personalities that make up our crowd of over 65,000 security researchers. In order for companies to run successful bug bounty programs, it's important to understand researcher motivations - and to that end I will be covering the next two personality types in this post: those being “Full-Timer” and “Virtuoso”. If you want to learn more about all five personalities, along with other interesting data and metrics about our crowd - check out our Inside the Mind of a Hacker 2.0 report. And with that, let’s dive right in!

Read More
Interesting, Research and Reports, Thought leadership

The Personalities That Put the “Crowd” in Bugcrowd (Part 1 of 3)

Posted by Keith Hoodlet on Dec 1, 2017 6:02:00 AM

Last week, David Baker (Bugcrowd’s Chief Security Officer) released a blog post discussing why it's important to understand researcher motivations in order to run a successful bug bounty program. Furthermore - to enable current and future customers to get a better handle on what drives security researchers at Bugcrowd - we released the Inside the Mind of a Hacker (version 2.0) report covering a broad range of metrics around who the Crowd is comprised of; including data on age, level of education, geographic location, and most importantly - what motivates us (and I use the term “us”, because I myself am a security researcher on Bugcrowd).

Read More
Interesting, Researcher Resources, Thought leadership

MacOS High Sierra: Getting to the Root of the Problem

Posted by Keith Hoodlet on Nov 28, 2017 2:49:41 PM

What we know so far

Earlier today it was publicly disclosed that Apple’s MacOS High Sierra contains a trivially-exploitable flaw, which allows malicious individuals to generate a persistent root access account to your system. It is not readily apparent whether or not this vulnerability is remotely exploitable, but out an of abundance of caution there are several steps you can take immediately to protect your system.

Read More
Interesting, Thought leadership, Cybersecurity News