
Scaling Cybersecurity for Compliance and ROI

Hackers are seeing discrepancies that would’ve normally been caught, but due to overworked and overstretched security teams, they’ve gone ignored. In 2020 alone there were 310% more reports on misconfiguration (HackerOne). These misconfigurations can lead to bigger issues such as compliance violations or avenues for breaches if not reported.

Automation and vulnerability management are just two examples of how organizations are scaling their security to mitigate risk and avoid data breaches.

So, how can you continue to scale your security solutions to avoid risk and reduce your attack surface?

In this session, we will discuss:
- How misconfigurations can become unintentional noncompliances
- How steps organizations take to adopt a hacker-powered security and compliance plan can increase revenue and save costs in the long run
- The benefits of implementing a vulnerability disclosure program (VDP) and how it can streamline a hacker-reporting process
- How to leverage scalable security solutions, and increase revenue

Speakers:
- Yasmin Hayden, Account Executive, Mid-Market EMEA at HackerOne
- Dr. Rebecca Wynn, Global Cyber Security & Strategy SME/Advisor at Guidepoint
Recorded Sep 16 2021 59 mins
Presented by
Yasmin Hayden, HackerOne | Dr. Rebecca Wynn, Guidepoint

  • Hacker-Powered Data - Security Weaknesses and Embracing Risk With HackerOne Dec 29 2021 5:00 pm UTC 27 mins
    Miju Han, HackerOne
    Vulnerabilities are a fact of life; risk comes with it. Today, companies, enterprises, & governments are embracing collaboration with hackers to find vulnerabilities before criminals have a chance to exploit them. Using 6 years of data from 1,300+ bug bounty programs & 100,000+ valid vulnerabilities, this talk offers new analysis of the most common vulnerabilities not found on the OWASP top 10.
  • This is How They Tell Me the World Ends Nov 25 2021 3:00 pm UTC 61 mins
    Alex Rice (HackerOne), Nicole Perlroth (Author) & Sandra McLeod (Zoom)
    On February 9, The New York Times cybersecurity reporter Nicole Perlroth released the highly anticipated book, This is How They Tell Me The World Ends. Within, she reveals the untold story of the cyberweapons market — the most secretive, invisible, government-backed market on earth — and a first look at a new kind of global warfare.

    In this session, HackerOne CTO Alex Rice will moderate a panel featuring Zoom Head of Assurance Sandra McLeod and Nicole Perlroth herself to explore these untold stories, discuss what the future holds for cybersecurity, delve into what enterprises can learn from government cybersecurity, and explore the role hackers play in the past and future of cyber defense, security compliance, and risk reduction.
  • Building a Vulnerability Disclosure Program for Success with IKEA Nov 23 2021 4:00 pm UTC 46 mins
    Nisha Woolfenden - Program Manager, HackerOne & Omar Benbouazza - Senior Security Engineer, IKEA Group
    Vulnerability Disclosure Programs (VDPs) are a clear way to tell the security researcher community how an organization wants them to report a vulnerability and what the organization's commitment will be to fixing it. They’ve been best practice among progressive tech companies for years and are expanding across new industries, with even governments beginning to mandate them as best practice.

    Get ahead of the game and join HackerOne’s webinar, Building a VDP for Success to learn from our experts and walk away with actionable takeaways to implement a robust and effective VDP:

    - How to assess your current readiness for a VDP
    - How to build a robust policy that yields results and sets a foundation for your hacker-powered security journey
    - Best practices for bringing your organization on board
  • How to Perform Effective Web Application Security Assessments Nov 18 2021 3:00 pm UTC 60 mins
    Leanne Shapton - Portswigger, Joel Noguera - Hacker & Pentester, Cindy Ho - HackerOne
    Security reviews and assessments can take a lot of effort and still not provide the results you are looking for, especially in the face of ever-expanding web portfolios and supply chain risk. Application security teams are already stretched thin. But doing automation right and knowing where and what to look for can save you time and money - and make your organization more secure. HackerOne - curator of the world’s largest ethical hacker community - and PortSwigger - creators of Burp Suite, the world’s leading toolkit for web security testing - bring you key learnings that will help you develop best practices and ensure you’re getting the most from your investments in web security.

    This workshop will provide tips from two perspectives: Leanne Shapton - application security engineer at Shopify and Joel Noguera, white hat ethical hacker. Topics include:

    - Shopify’s approach to incorporate security into product review processes to support the development of their app-store and marketplace
    - How automated vulnerability scanning complements penetration testing, bug bounty programmes and other security processes
    - Advice for how security teams can partner with software developers
    - How to balance automation with human intuition
    - How to identify weaknesses faster to spend more time on what matters
  • How to Use Your Vulnerabilities to Train Your Developers on Security Nov 16 2021 8:00 pm UTC 43 mins
    Prash Somaiya, HackerOne and Jared Ablon, HackEDU
    The idea of secure coding training that covers just what you need, right when you need it, seems too good to be true. But it’s not. Leading development teams are using their own vulnerabilities to train their coders, focusing on their most pressing mistakes while providing a more relevant experience that keeps coders engaged. This workshop will show you how to set up a program, reveal the most common vulnerabilities developers cause, and how to make sure your developers develop a fix that really solves the problem.

    Key Takeaways:
    - Vulnerabilities developers find easiest and hardest to fix
    - The top vulnerabilities that developers “fix” incorrectly
    - Which programming languages have fewer vulnerabilities in production
    - Topics your developers should master to become more secure coders
    - How to develop a training schedule that doesn’t disrupt productivity
  • Beyond the Bounty - The Real Value for Hackers & Organizations Nov 11 2021 11:00 am UTC 59 mins
    Laurie Mercer, Jacob Mattson, Baden Delamore, Katie Paxton-Fear
    HackerOne’s Laurie Mercer will be joined by Jacob Mattsson, Security Lead at online gaming company Kindred Group, who recently went public with their bug bounty program, Baden Delamore, Product Security Lead at Deliveroo and up and coming hacker, Katie Paxton-Fear a.k.a @InsiderPHD.

    3 Key Takeaways:

    - How bug bounty insights have informed Kindred’s development processes
    - What motivates the best bug hunters and keeps them coming back to your program
    - Learn best practices for running a successful bug bounty program
  • Incorporating Pentesting In Your Overall Security Strategy Nov 9 2021 3:00 pm UTC 62 mins
    April Rassa - HackerOne, Justin Berman - Dropbox, George Gershow - Sumo Logic
    In this webinar, learn why your traditional penetration test tools and methods aren't keeping pace with your digital transformation. With hacker-powered pentests, obtain unparalleled speed, coverage and transparency. Secure your entire software lifecycle and satisfy compliance requirements.

    HackerOne was started by hackers and security leaders who are driven by a passion to make the internet safer. Our platform is the industry standard for hacker-powered security. We partner with the global hacker community to surface the most relevant security issues of our customers before they can be exploited by criminals.
  • HackerOne Presents - ISACs Leaders Roundtable: Cybersecurity Secrets Revealed Nov 3 2021 2:00 pm UTC 61 mins
    Alex Rice (HackerOne), Teresa Walsh (FS-ISAC), Carlos Kizzee (RH-ISAC), Peder Jungck (IT-ISAC)
    The world has changed. Going into a new year, people remain broadly distributed and applications, systems, and infrastructures have become more vulnerable than ever. In this session, cybersecurity threat intelligence leaders from Financial Services ISAC(TBC), Retail + Hospitality ISAC(TBC), and Information Technology ISAC will come together with HackerOne -- the leading provider of hacker-powered security -- to discuss what the future of the industry holds, how to navigate emerging risks like supply chain security and cloud misconfigurations, key learnings from industry peers, and how to prepare for the new normal.
  • Redefining Application Security with Hacker-Powered Security Oct 28 2021 6:00 pm UTC 18 mins
    Matthew Kempin, HackerOne
    Vulnerabilities are a fact of life. But the consequences of exploits aren’t measured in downtime, they’re measured in millions of dollars — $3.86M according to IBM’s annual Cost of a Data Breach report — and lasting reputational damage. The good news is there is a movement happening – hundreds of thousands of hackers around the globe are hacking companies, not to steal information, but to secure vulnerabilities. In this session, we will discuss the common reasons banks and financial services organizations turn to HackerOne for hacker-powered security solutions, delve into key components of successful programs, and explore success stories from leading financial services organizations.
  • Meet the Hackers Who Hack For Good Oct 26 2021 3:00 pm UTC 56 mins
    HackerOne Network
    Meet the Hackers who #HackForGood. During this panel discussion, you will learn what motivates ethical hackers, how they became ethical hackers and how they use their skills to help businesses maintain a strong security posture.
  • Avoid the Breach with Effective Application Security Testing Oct 19 2021 3:00 pm UTC 41 mins
    Andrew Dunbar - Shopify, Luke Tucker - HackerOne
    Security is a top priority for e-commerce giant Shopify, with over 600,000 businesses in 175 countries trusting them to sell online and everywhere in the world. Join Shopify's Vice President of Security Engineering and IT, Andrew Dunbar, and HackerOne as they discuss best practices for testing and securing your cloud-based web applications. The session will also cover how you can scale application security for high-growth DevOps organizations and the tools and programs Shopify relies on to reduce security risk.
  • Utilizing Hackers to Mitigate Risks Recorded: Oct 12 2021 44 mins
    Yasmin Hayden, HackerOne | Steve Cobb, One Source Communications | Bob Jamieson, CSM International
    According to the 2021 Hacker Report by HackerOne, there has been a 63% increase in the number of hackers submitting vulnerabilities over the last 12 months. In fact, 34% noted that they have seen more bugs due to pandemic-led digital transformation. Evidently, the attack surface has evolved and increased over the last 12 months in response to organizational change. But what kinds of solutions are available to help face this new wave of threat, and how can leaders target and reduce these risks internally?

    Hackers help security teams scale testing across attack surfaces. They provide valuable insight, and specifically, the perspective of an outsider to make sure that your systems and products are secure and well designed. In the last year, it took an average of 16 days for a hacker to report their first bug from joining the platform.

    Ultimately, hackers provide a human perspective - and the ability to protect your organization from future attacks before they even become a problem.

    Join expert thought leaders in this session to learn:
    - How security teams can manage their workload even as new breaches and risks appear
    - Why organizations should consider a hacker-powered pentest to mitigate risks and secure governance
    - How hackers can enhance an organization's security capabilities and improve internal security functions

    Speakers:
    - Yasmin Hayden, Account Executive, Mid-Market EMEA at HackerOne
    - Steve Cobb, CISO at One Source Communications
    - Bob Jamieson, Chief Digital Risk and Security Officer at CSM International
  • Scaling Cybersecurity for Compliance and ROI Recorded: Oct 12 2021 59 mins
    Yasmin Hayden, HackerOne | Dr. Rebecca Wynn, Guidepoint
  • Learnings from Hackers on Reducing Application Risk on AWS Recorded: Oct 6 2021 48 mins
    Ben Sadeghipour - HackerOne, Nathanial Lattimer - Grapl, Jesse Kinser - Hacker, Aron Eidelman - AWS
    Our panel of ethical hackers and cloud security leaders will walk through the hows and whys of taking a security-first approach to the cloud:

    - Why misconfigurations and other vulnerabilities put you at risk in the cloud
    - How to implement a security-first design to avoid a cloud disaster
    - The role ethical hackers play in protecting your cloud attack surface
  • Sustaining a Rapid Digital Transformation, Safely Recorded: Oct 5 2021 39 mins
    Yasmin Hayden, Account Executive, Mid-Market EMEA at HackerOne | Anna-Lisa Miller, Group CISO at Spectris
    31% of CISOs accelerated their digital transformation plans before they were ready to accommodate a remote workforce, according to HackerOne’s “COVID Confessions of a CISO”. When organizations were required to work remotely, many of them sped through their digital transformation (DX) to create network and security infrastructures meant to last a few months at most, yet, as remote work continues these infrastructures are now straining to sustain themselves. Now that we are in a position to look back at DX initiatives with the benefit of hindsight, leaders must ask themselves whether their DX efforts were successful or not, from cloud adoption, to the digital workspace.

    As organizations move online they’ll have to modify their network security strategy, transform the way they handle interactions and customer expectations online, and defend themselves against an evolving threatscape.

    So, how can organizations avoid data breaches despite this evolving landscape, and how can leaders continue to adapt to these challenges?

    Join now to learn:

    - How to keep data breaches in mind and avoid them even as your organization is in the midst of a digital transformation
    - The need to scale security to avoid data breaches and prepare against an evolving threatscape
    - Steps to improve your security posture and reassess your cybersecurity framework
  • Zebra’s Secret Sauce for Securing the Development Lifecycle Recorded: Sep 30 2021 50 mins
    Dr. Jasyn Voshell, Dir of Product Security & Solutions-Zebra Technologies & Ashley Goldstein, ENT Account Executive-HackerOne
    During this 45-minute webinar, Zebra Technologies lets you in on the secret of how they slashed pentesting costs while completing tests at the pace of development and helped cement a secure-by-design mindset organization-wide. You'll learn:

    - How Zebra integrates security across the product release life cycle
    - How adopting hacker-powered security changed Zebra’s culture
    - Steps Zebra took to effectively scale a bug bounty and pentest program with help from HackerOne’s community
  • The Best Crawl, Walk, Run Approach to Bug Bounties Recorded: Sep 14 2021 25 mins
    Tara Hooey & Brad White, HackerOne
    Our “Crawl, Walk, or Run” webinar will help you understand how companies of all sizes and security acumen can launch a bug bounty program at any pace. The webinar features Tara Hooey, a HackerOne program manager responsible for helping onboard and train new customers on everything from bounty structures to understanding program data and interpreting results. If the webinar title didn’t give it away, there’s an approach to starting your own bounty program no matter how big your team, how advanced your security apparatus, or how many resources you have to devote.
  • Why the Future of DevOps Needs Hackers Recorded: Aug 12 2021 36 mins
    Laurie Mercer - HackerOne
    Join Laurie Mercer for an in-depth conversation surrounding hacker-powered security and why DevOps needs hackers to help protect organizations across the globe.
  • Vulnerability Disclosure Program (VDP) Success with CBRE Recorded: Jul 21 2021 34 mins
    Laura Hamel, HackerOne & Greg Belanger, CBRE
    Vulnerability Disclosure Programs (VDPs) are a clear way to tell the security researcher community how an organization wants them to report a vulnerability and what the organization's commitment will be to fixing it. They’ve been best practices among progressive tech companies for years and are expanding across new industries, with even governments beginning to mandate them as best practices. Get ahead of the game and join HackerOne’s webinar, Building a VDP for Success to learn from our experts and walk away with actionable takeaways to implement a robust and effective VDP:
    - How to assess your current readiness for a VDP
    - How to build a robust policy that yields results and sets a foundation for your hacker-powered security journey
    - Best practices for bringing your organization on board
HackerOne
HackerOne powers the world’s leading bug bounty and vulnerability coordination platform. More than 700 organizations trust HackerOne to find their critical software vulnerabilities before criminals can exploit them. HackerOne has the world's largest community of trustworthy hackers to help improve your organization's defense. Customers include General Motors, Adobe, Uber, the U.S. Pentagon, Salesforce, Twitter, Yahoo!, Dropbox, Square, LinkedIn, Snapchat, Airbnb, New Relic, Qualcomm, Nintendo, Intel and the CERT Coordination Center.

  • Title: Scaling Cybersecurity for Compliance and ROI
  • Live at: Sep 16 2021 2:00 pm
  • Presented by: Yasmin Hayden, HackerOne | Dr. Rebecca Wynn, Guidepoint