Security Unhappy Hour E13 Safe Harbor in Bug Bounties and Vulnerability Disclosure Programs
Title
Security Unhappy Hour – E13 – Safe Harbor in Bug Bounties and Vulnerability Disclosure Programs
Summary
In this episode we are going to talk about safe harbor and other legal considerations of a bug bounty and vulnerability disclosure programs. Lisa Bradley, Katie Noble, Crob and Josh Dembling are joined today by Dr. Amit Elazari. Dr. Amit Elazari is a Director of Global Cybersecurity Policy at Intel Corp. and a Lecturer at UC Berkeley’s School of Information Master in Information and Cybersecurity as well as a member of the External Advisory Committee for the Center of Long Term Cybersecurity. She holds a Doctoral Degree in the Law (J.S.D.) from UC Berkeley and graduated summa cum laude three prior degrees. Her work on security law, computer crime, privacy and intellectual property has been presented and published in leading academic journals, top conferences, and featured at leading news sites such as The Wall Street Journal, The Washington Post and the New York Times. In 2018, she received a UC Berkeley Center for Long-Term Cybersecurity grant for her work on private ordering regulating information security, exploring safe harbors for security researchers. Today she will be speaking with us in a personal capacity.
Things we discuss
Do security researchers have concerns with respect to reporting security vulnerabilities to vendors? Legal or otherwise?
What is ‘Safe Harbor’ in the context of bug bounties and vulnerability disclosure programs? What are some of the key developments we have seen in this landscape lately?
What does it mean to Security Researchers, the Government and Vendors with the growing focus on vulnerability disclosure programs in the emerging regulatory and policy security landscape?
What are some of the industry and emerging best practices and standardization efforts we have seen in this domain?
Who does Safe Harbor protect?
How does a vendor integrate safe harbor into their VDP or BBP terms as well as their culture?
Where does the CFAA or other anti hacking laws fit into this? (probably will be covered already)
Hosts
Josh Dembling –
Lisa Bradley –
Katie Noble –
CRob –
Guest(s)
Dr. Amit Elazari –
More News
TES Announces New Las Vegas Facility to Expand IT Asset Disposition Services in North America
SINGAPORE, March 14, 2023 (Newswire.com)
–
TES, a global leader in sustainable IT asset disposition (ITAD) and IT lifecycle management services, announc…
Mimecast: Ways Spam Filters Can Be Used to Block Phishing Attacks
NEW YORK, March 9, 2023 (Newswire.com)
–
Mimecast: Spam filters are designed with algorithms that scan for certain words or phrases associated with phishing e…
BitLyft Cybersecurity Named a Top 500 Managed Service Provider by CRN for 2023
BitLyft Cybersecurity BitLyft employees collaborate on whiteboard
SAINT JOHNS, Mich., March 9, 2023 (Newswire.com)
–
BitLyft Cybersecurity, a leading …
How to Spot a Spoofed Email
NEW YORK, March 8, 2023 (Newswire.com)
–
iQuanti: Are you worried about falling victim to a spoofed email or phishing attack? You’re not alone. With so much s…
Mimecast: Understanding Internet Safety for Students
NEW YORK, March 8, 2023 (Newswire.com)
–
Mimecast: In today’s digital world, it is important for students to protect themselves from any potential online thre…
Acreto Security Announces Investment Partnership With JLL Spark
NEW YORK, March 7, 2023 (Newswire.com)
–
Acreto Security, the leading provider of instant, enterprise-grade cybersecurity, is pleased to announce an investmen…