The Stages of Vulnerability Maturity Management with Priceline

How do you elevate your security from simple scanners to a mature vulnerability management program? Join HackerOne to learn more about how you can discover, assess, verify, and remediate vulnerabilities with a continuous and efficient process. We’ll cover how organizations can:
- Use hacker-powered security to find vulnerabilities automated scanners miss
- Triage reported vulnerabilities, reduce false positives, and prioritize the most critical
- Uplevel their security posture by benchmarking against peers
Recorded May 13 2021 42 mins
Presented by
Ashish Wharty - Senior VP Engineering, HackerOne, Matthew Southworth - VP, Security Engineering at Priceline

  • Avoid the Breach with Effective Application Security Testing Oct 19 2021 3:00 pm UTC 41 mins
    Andrew Dunbar - Shopify, Luke Tucker - HackerOne
    Security is a top priority for e-commerce giant Shopify, with over 600,000 businesses in 175 countries trusting them to sell online and everywhere in the world. Join Shopify's Vice President of Security Engineering and IT, Andrew Dunbar, and HackerOne as they discuss best practices for testing and securing your cloud-based web applications. The session will also cover how you can scale application security for high-growth DevOps organizations and the tools and programs Shopify relies on to reduce security risk.
  • Scaling Cybersecurity for Compliance and ROI Aug 19 2021 2:00 pm UTC 60 mins
    Panellists TBC
    Hackers are seeing discrepancies that would’ve normally been caught, but due to overworked and overstretched security teams, they’ve gone ignored. In 2020 alone there were 310% more reports on misconfiguration (HackerOne). These misconfigurations can lead to bigger issues such as compliance violations or avenues for breaches if not reported.

    Automation and vulnerability management are just two examples of how organizations are scaling their security to mitigate risk and avoid data breaches.

    So, how can you continue to scale your security solutions to avoid risk and reduce your attack surface?

    In this session, we will discuss:
    - How misconfigurations can become unintentional noncompliances
    - How the steps organizations take to adopt a hacker-powered security and compliance plan can increase revenue and save costs in the long run
    - The benefits of implementing a vulnerability disclosure program (VDP) and how it can streamline a hacker-reporting process
    - How to leverage scalable security solutions, and increase revenue
  • Why the Future of DevOps Needs Hackers Aug 12 2021 1:00 pm UTC 36 mins
    Laurie Mercer - HackerOne
    Join Laurie Mercer for an in-depth conversation surrounding hacker-powered security and why DevOps needs hackers to help protect organizations across the globe.
  • Utilizing Hackers to Mitigate Risks Jul 29 2021 2:00 pm UTC 60 mins
    Panellists TBC
    According to the 2021 Hacker Report by HackerOne, there has been a 63% increase in the number of hackers submitting vulnerabilities over the last 12 months. In fact, 34% noted that they have seen more bugs due to pandemic-led digital transformation. Evidently, the attack surface has evolved and increased over the last 12 months in response to organizational change. But what kinds of solutions are available to help face this new wave of threat, and how can leaders target and reduce these risks internally?

    Hackers help security teams scale testing across attack surfaces. They provide valuable insight, and specifically, the perspective of an outsider to make sure that your systems and products are secure and well designed. In the last year, it took an average of 16 days for a hacker to report their first bug from joining the platform.

    Ultimately, hackers provide a human perspective - and the ability to protect your organization from future attacks before they even become a problem.

    Join expert thought leaders in this session to learn:

    - How security teams can manage their workload even as new breaches and risks appear
    - Why organizations should consider a hacker-powered pentest to mitigate risks and secure governance
    - How hackers can enhance an organization's security capabilities and improve internal security functions
  • Sustaining a Rapid Digital Transformation, Safely Jul 8 2021 2:00 pm UTC 60 mins
    Yasmin Hayden, Account Executive, Mid-Market EMEA at HackerOne
    31% of CISOs accelerated their digital transformation plans before they were ready to accommodate a remote workforce, according to HackerOne’s “COVID Confessions of a CISO”. When organizations were required to work remotely, many of them sped through their digital transformation (DX) to create network and security infrastructures meant to last a few months at most, yet as remote work continues, these infrastructures are now straining to sustain themselves. Now that we are in a position to look back at DX initiatives with the benefit of hindsight, leaders must ask themselves whether their DX efforts were successful or not, from cloud adoption to the digital workspace.

    As organizations move online they’ll have to modify their network security strategy, transform the way they handle interactions and customer expectations online, and defend themselves against an evolving threatscape.

    So, how can organizations avoid data breaches despite this evolving landscape, and how can leaders continue to adapt to these challenges?

    Join now to learn:

    - How to keep data breaches in mind and avoid them even as your organization is in the midst of a digital transformation
    - The need to scale security to avoid data breaches and prepare against an evolving threatscape
    - Steps to improve your security posture and reassess your cybersecurity framework
  • HackerOne Presents - ISACs Leaders Roundtable: Cybersecurity Secrets Revealed Jun 24 2021 2:00 pm UTC 61 mins
    Alex Rice (HackerOne), Teresa Walsh (FS-ISAC), Carlos Kizzee (RH-ISAC), Peder Jungck (IT-ISAC)
    The world has changed. Going into a new year, people remain broadly distributed and applications, systems, and infrastructures have become more vulnerable than ever. In this session, cybersecurity threat intelligence leaders from Financial Services ISAC (TBC), Retail + Hospitality ISAC (TBC), and Information Technology ISAC will come together with HackerOne -- the leading provider of hacker-powered security -- to discuss what the future of the industry holds, how to navigate emerging risks like supply chain security and cloud misconfigurations, key learnings from industry peers, and how to prepare for the new normal.
  • Forrester Study on the Total Economic Impact of Crowdsourced Pen Tests Jun 17 2021 2:00 pm UTC 43 mins
    Jonathan Lipsitz, Amy DeMartine - Forrester Analysts, Luke Tucker - HackerOne
    Is it possible to replace the cost of traditional penetration tests with a Hacker-Powered security program? Join our discussion with Forrester to discuss new application security trends, Forrester's Total Economic Impact Methodology, and their findings when it comes to traditional vs new approaches to cybersecurity.
  • This is How They Tell Me the World Ends Recorded: Jun 9 2021 61 mins
    Alex Rice (HackerOne), Nicole Perlroth (Author) & Sandra McLeod (Zoom)
    On February 9, The New York Times cybersecurity reporter Nicole Perlroth released the highly anticipated book, This is How They Tell Me The World Ends. Within, she reveals the untold story of the cyberweapons market — the most secretive, invisible, government-backed market on earth — and a first look at a new kind of global warfare.

    In this session, HackerOne CTO Alex Rice will moderate a panel featuring Zoom Head of Assurance Sandra McLeod and Nicole Perlroth herself to explore these untold stories, discuss what the future holds for cybersecurity, delve into what enterprises can learn from government cybersecurity, and explore the role hackers play in the past and future of cyber defense, security compliance, and risk reduction.
  • Building a Vulnerability Disclosure Program for Success with IKEA Recorded: May 27 2021 46 mins
    Nisha Woolfenden - Program Manager, HackerOne & Omar Benbouazza - Senior Security Engineer, IKEA Group
    Vulnerability Disclosure Programs (VDPs) are a clear way to tell the security researcher community how an organization wants them to report a vulnerability and what an organization's commitment will be to fixing it. They’ve been best practice among progressive tech companies for years and are expanding across new industries, with even governments beginning to mandate them as best practice.

    Get ahead of the game and join HackerOne’s webinar, Building a VDP for Success to learn from our experts and walk away with actionable takeaways to implement a robust and effective VDP:

    - How to assess your current readiness for a VDP
    - How to build a robust policy that yields results and sets a foundation for your hacker-powered security journey
    - Best practices for bringing your organization on board
  • Adapting Your Security Development Lifecycle for DevOps Recorded: May 25 2021 47 mins
    Alex Rice, CTO/Co-Founder HackerOne, Chris Kirsch, Director of Product at Veracode, Chris Wysopal, CTO/Co-Founder at Veracode
    Speakers: Alex Rice and Chris Wysopal
    Moderated by: Chris Kirsch

    KEY TAKEAWAYS
    1. How security and development teams can partner to create a continuous feedback loop without hampering innovation
    2. How security becomes a competitive advantage through balancing speed with risk
    3. How to engage a diverse and creative pool of talent not available in traditional firms to test business-critical applications
  • The Stages of Vulnerability Maturity Management with Priceline Recorded: May 13 2021 42 mins
    Ashish Wharty - Senior VP Engineering, HackerOne, Matthew Southworth - VP, Security Engineering at Priceline
    How do you elevate your security from simple scanners to a mature vulnerability management program? Join HackerOne to learn more about how you can discover, assess, verify, and remediate vulnerabilities with a continuous and efficient process. We’ll cover how organizations can:
    - Use hacker-powered security to find vulnerabilities automated scanners miss
    - Triage reported vulnerabilities, reduce false positives, and prioritize the most critical
    - Uplevel their security posture by benchmarking against peers
  • How to Perform Effective Web Application Security Assessments Recorded: Apr 30 2021 60 mins
    Leanne Shapton - PortSwigger, Joel Noguera - Hacker & Pentester, Cindy Ho - HackerOne
    Security reviews and assessments can take a lot of effort and still not provide the results you are looking for, especially in the face of ever-expanding web portfolios and supply chain risk. Application security teams are already stretched thin. But doing automation right and knowing where and what to look for can save you time and money - and make your organization more secure. HackerOne - curator of the world’s largest ethical hacker community - and PortSwigger - creators of Burp Suite, the world’s leading toolkit for web security testing - bring you key learnings that will help you develop best practices and ensure you’re getting the most from your investments in web security.

    This workshop will provide tips from two perspectives: Leanne Shapton - application security engineer at Shopify and Joel Noguera, white hat ethical hacker. Topics include:

    - Shopify’s approach to incorporate security into product review processes to support the development of their app-store and marketplace
    - How automated vulnerability scanning complements penetration testing, bug bounty programmes and other security processes
    - Advice for how security teams can partner with software developers
    - How to balance automation with human intuition
    - How to identify weaknesses faster to spend more time on what matters
  • Secure Your Attack Surface Recorded: Apr 13 2021 33 mins
    Arjun Kolady, Security Solutions Engineer, HackerOne
    When acceleration of your digital program and the pace of innovation ramp up, your need for security also increases. Maintaining an expanding attack surface demands continuous coverage that can be obtained by hacker-powered security.

    Join Arjun for this webinar where he'll cover the problems expanding companies deal with, the solutions and benefits of a crowdsourced security plan, and tips on how to scale your approach.

    HackerOne was started by hackers and security leaders who are driven by a passion to make the internet safer. Our platform is the industry standard for hacker-powered security. We partner with the global hacker community to surface the most relevant security issues of our customers before they can be exploited by criminals.
  • Beyond the Bounty - The Real Value for Hackers & Organizations Recorded: Apr 8 2021 59 mins
    Laurie Mercer, Jacob Mattson, Baden Delamore, Katie Paxton-Fear
    HackerOne’s Laurie Mercer will be joined by Jacob Mattsson, Security Lead at online gaming company Kindred Group, who recently went public with their bug bounty program; Baden Delamore, Product Security Lead at Deliveroo; and up-and-coming hacker Katie Paxton-Fear, a.k.a. @InsiderPHD.

    3 Key Takeaways:

    - How bug bounty insights have informed Kindred’s development processes
    - What motivates the best bug hunters and keeps them coming back to your program
    - Best practices for running a successful bug bounty program
  • Incorporating Pentesting In Your Overall Security Strategy Recorded: Mar 18 2021 61 mins
    April Rassa - HackerOne, Justin Berman - Dropbox, George Gershow - Sumo Logic
    In this webinar, learn why your traditional penetration test tools and methods aren't keeping pace with your digital transformation. With hacker-powered pentests, obtain unparalleled speed, coverage and transparency. Secure your entire software lifecycle and satisfy compliance requirements.
  • Meet the Hackers Who Hack For Good Recorded: Feb 1 2021 56 mins
    HackerOne Network
    Meet the Hackers who #HackForGood. During this panel discussion, you will learn what motivates ethical hackers, how they became ethical hackers and how they use their skills to help businesses maintain a strong security posture.
  • Contemplating the Future of Collaboration & Security (NOAM) Recorded: Dec 17 2020 16 mins
    Michiel Prins, Co-Founder, HackerOne, Amanda Berger, VP of Customer Success, HackerOne
    HackerOne VP of Customer Success Amanda Berger will recap learnings and reflections from Security@ 2020, securing ecosystems not assets, and Chief Product Officer G Vives will discuss product roadmap, vision, and what lies ahead for the future of collaboration and cybersecurity.
  • A Hacker's Guide to Shopify's GraphQL API (NOAM) Recorded: Dec 17 2020 29 mins
    Jennifer Newton, Senior Application Security Engineer at Shopify
    Shopify uses GraphQL for both their developer-facing and undocumented APIs. They noticed that bugs in new functionality can go unreported. Learn how the team created the roadmap for researchers on how to effectively discover new functionality in Shopify APIs, and how they can get started testing it.
  • How A Bug Becomes A Fix (NOAM) Recorded: Dec 17 2020 39 mins
    Robin Lunde, LINE, Youngsung Kim, LINE, Ron Chan, Hacker, Prash Somaiya, HackerOne
    From testing to vulnerability report, to validation, to CVSS, to security team, to developer...now what? In this session LINE will trace the path of a bug from hacker to fix and feed it back into the SDLC, and all the communication that happened along the way.
  • Fireside Chat: Shifting the Culture of Cybersecurity (NOAM) Recorded: Dec 17 2020 43 mins
    Justin Berman, Head of Security, Dropbox, Amanda Berger, SVP of Customer Success, HackerOne
    Cybersecurity is an industry built on a foundation of firewalls, black boxes, and a shield mentality. Yet, innovation and agility breed in a culture of openness and shared knowledge. This fireside chat will cover how leaders and security teams bridge security defense with industry collaboration.
HackerOne
HackerOne powers the world’s leading bug bounty and vulnerability coordination platform. More than 700 organizations trust HackerOne to find their critical software vulnerabilities before criminals can exploit them. HackerOne has the world's largest community of trustworthy hackers to help improve your organization's defense. Customers include General Motors, Adobe, Uber, the U.S. Pentagon, Salesforce, Twitter, Yahoo!, Dropbox, Square, LinkedIn, Snapchat, Airbnb, New Relic, Qualcomm, Nintendo, Intel and the CERT Coordination Center.

  • Title: The Stages of Vulnerability Maturity Management with Priceline
  • Live at: May 13 2021 5:00 pm
  • Presented by: Ashish Wharty - Senior VP Engineering, HackerOne, Matthew Southworth - VP, Security Engineering at Priceline