San Francisco, California, United States
Contact Info
15K followers
500+ connections
Articles by Casey
-
Bugcrowd: 10 Years On, and Still Just Getting Started
Bugcrowd: 10 Years On, and Still Just Getting Started
By Casey Ellis
Contributions
-
How do you talk about cybersecurity risks with senior management?
In my experience, it’s all about the metaphors. While risk management in cybersecurity can be a dense, difficult to approach, and esoteric topic, personal safety is something that literally every human on the planet is familiar with. Whenever there’s an opportunity to use a familiar concept to explain an unfamiliar one, I take it. Here’s an example: https://cje.io/2021/06/27/the-bar-fight-risk-taxonomy/amp/
Activity
-
All pen testing, all the time. Instead of relying on intermittent testing to address a backlog of emergent vulnerabilities, you can have assurance…
All pen testing, all the time. Instead of relying on intermittent testing to address a backlog of emergent vulnerabilities, you can have assurance…
Liked by Casey Ellis
-
Goodbye #BlackHat… here are my takeaways: - Security practitioners continue to be on the edge of breakdown - too much to do, not enough…
Goodbye #BlackHat… here are my takeaways: - Security practitioners continue to be on the edge of breakdown - too much to do, not enough…
Liked by Casey Ellis
Experience & Education
Patents
-
Vulnerability detection in IT assets by utilizing crowdsourcing techniques
Issued US 10972494
This invention discloses systems and methods for detecting vulnerabilities in IT assets by utilizing crowdsourcing techniques. A corpus containing vulnerability data of IT assets with known vulnerabilities is established. Vulnerability data in the corpus comprises security aspects or attributes related to the IT assets. The security aspects of an IT asset constitute its attack surface which is represented as a feature vector in a feature space. A determination is made as to how similar/close a…
This invention discloses systems and methods for detecting vulnerabilities in IT assets by utilizing crowdsourcing techniques. A corpus containing vulnerability data of IT assets with known vulnerabilities is established. Vulnerability data in the corpus comprises security aspects or attributes related to the IT assets. The security aspects of an IT asset constitute its attack surface which is represented as a feature vector in a feature space. A determination is made as to how similar/close a target asset whose unknown vulnerabilities are to be detected, is to the rest of the IT assets in the corpus. This determination is made based on a measure of similarity/distance between the respective feature vectors in the feature space. Based on the review of similarity results by a community of researchers/experts, a determination of unknown vulnerabilities in the target system is made.
Other inventorsSee patent -
Vulnerability Detection in IT Assets by utilizing Crowdsourcing techniques
Issued US US20200076847A1
This invention discloses systems and methods for detecting vulnerabilities in IT assets by utilizing crowdsourcing techniques. A corpus containing vulnerability data of IT assets with known vulnerabilities is established. Vulnerability data in the corpus comprises security aspects or attributes related to the IT assets. The security aspects of an IT asset constitute its attack surface which is represented as a feature vector in a feature space. A determination is made as to how similar/close a…
This invention discloses systems and methods for detecting vulnerabilities in IT assets by utilizing crowdsourcing techniques. A corpus containing vulnerability data of IT assets with known vulnerabilities is established. Vulnerability data in the corpus comprises security aspects or attributes related to the IT assets. The security aspects of an IT asset constitute its attack surface which is represented as a feature vector in a feature space. A determination is made as to how similar/close a target asset whose unknown vulnerabilities are to be detected, is to the rest of the IT assets in the corpus. This determination is made based on a measure of similarity/distance between the respective feature vectors in the feature space. Based on the review of similarity results by a community of researchers/experts, a determination of unknown vulnerabilities in the target system is made.
Other inventorsSee patent
Honors & Awards
-
Finalist in RSACs Innovation Sandbox
RSA
Bugcrowd was selected as a Top 10 finalist out of over 2,500 applications, and got the opportunity to pitch to a packed room of 3,000 at RSAC 2015.
Recommendations received
34 people have recommended Casey
Join now to viewOther similar profiles
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore MoreOthers named Casey Ellis in United States
-
Casey Ellis
-
Casey Ellis
Small engine mechanic, YouTuber and affiliate marketer
-
Casey Ellis
Executive Director at EASS
-
Casey Ellis
Lighting Sales | Fine and Studio Arts
113 others named Casey Ellis in United States are on LinkedIn
See others named Casey Ellis