Bugcrowd Blog

Bugcrowd's 2017 RSAC + BSides SF Recap

Posted by Payton O'Neal on Feb 17, 2017 2:28:36 PM
We made it through yet another week of craziness that is BSides SF and RSAC. Now we'd like to take a moment to give you a recap of what we were up to and what we enjoyed throughout the week...
 
Our week kicked off Saturday with a great event hosted by ISSA, where Casey, Bugcrowd’s CEO, was invited to speak on the ‘unlikely romance’ between hackers and companies.
 
 
 

BSides SF Highlights

It’s not every day that we get to rub elbows with the best hackers on one side and the most innovative security leaders on the other. At DNA lounge on Sunday and Monday, we did. We ate a lot of pizza, reconnected with old friends and colleagues, and learned a thing or two. Here are a few of our favorite talks…
  • Jen Ellis and Josh Feinblum’s ‘Weathering the Storm: The Art of Crisis Communications’ was a great look at how to effectively tell customers and press when poop hits the fan.
  • Security through Visibility: Organizational Communication Strategies for InfoSec Teams by Katie Ledoux
  • How to Build a Security Team and Program with Coleen Coolidge of Twilio (https://twitter.com/Bugcrowd/status/830940709968416768)
  • Five Keys to Building an Application Security Program in the Age of DevOps

We also got a chance to interview awesome hacker Aaron Guzman on his recent connected car research. 

 

RSA Conference Highlights

We kicked off RSAC on Monday with a big announcement: a joint integration with Qualys. We are so proud to partner with such an amazing team to bring together the power of automation and crowdsourcing, and are excited to see how this affects the appsec landscape.
 
It was a big week for our customers as well! We announced two public programs this week, DigitalOcean and Intercom. We also got the opportunity to sit down with a bunch of our customers, including Barracuda, OneLogin and Illumio to get their thoughts on current appsec trends and how bug bounties are helping to close the appsec gap.
  • Listen to OneLogin CISO Alvaro Hoyos speak about the importance of securing customer data and how their private bounty program helps in that pursuit...
  • Hear about Senior Director of Information Security at Barracuda Dave Farrow's current appsec focuses, and how Barracuda is bridging the gap between their engineering and security teams.
Hats off to everyone who spoke, sat on panels, moderated, and keynoted this year. It was quite a robust program, with over 300 tracks and sessions and a lot of great conversations...
Word cloud of 2017 RSAC talk titles
Here are a few of our favorites…
  • Josh Corman's session on the evolution and implications of DevOps since the early days was a refreshing perspective on 
  • It was great getting a peek into what it looks like when enterprise security meets insanely high growth startup in Leigh Honeywell's session about Slack security.
  • Veracode's Chris Wysopal made an appearance to discuss how to more effectively build appsec into your devops practice.
  • Barracuda's Dave Farrow talked about how to build a successful IT security training program. It's always great to see our customers grace the stage at conferences!
  • Our good hacker friend and security researcher, Keren Elazari, spoke about the 'cyber-circus' that is hacking of everyday things & how it will transform our world.
  • Signal Sciences' Zane Lackey spoke on appsec and your SDLC. Read our co-written blog post on the subject here.
  • Although it wasn't an RSA talk, Luke Young, one of our top researchers in the Bugcrowd community, gave a great talk at Passcode's Bug Bounty Lightning Talks event, referencing our Inside the Mind of a Hacker to describe the different motivations of researchers.
Last but not least, we had one fantastic party. Thank you all for joining us at the Old SF Mint on Wednesday evening. We could not be more pleased with the fantastic turnout.  
 
Again, we thank you for being part of making yet another RSAC amazing, and we look forward to what will follow in the upcoming weeks. Stay tuned for some more exciting updates from us as we continue the discussion on appsec trends and opportunities. Tune in to our upcoming webinar with two infosec thought leaders, Kim Green of Zephyr Health and Brad Arkin, CSO at Adobe.
 