There are many crowdsourcing vulnerability discovery techniques available today, making it difficult for testers to choose an approach that finds important vulnerabilities while offering the best bang for the buck. Join Mike Shema as he shares several years of real-world data that will help you understand the different discovery techniques, such as bug bounty programs and scanners, and the best time to use each technique. Mike also will discuss how your approach may change according to your lifecycle, and ways to think about integrating security within that process. You'll see how metrics...
Mike Shema
Cobalt.io
Mike Shema is Vice President of SecOps and Research at Cobalt.io. Mike's experience with information security includes managing product security teams, building web application scanners, and consulting across a range of information security topics but that’s for work. For fun he writes books and blog posts about information security, with an infusion of references to music, sci-fi, and horror to keep the topics entertaining. His books include Anti-Hacker Tool Kit and Hacking Web Apps. He has taught hacking classes and presented research at conferences around the world. Passionate about this fascinating topic, he can be also followed on Twitter.