Database Security

Authentication

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of Katie Moussouris

Chief Policy Officer, HackerOne

Member Since: 5/11/2015
Author
News & Commentary Posts: 2
Comments: 0

Katie Moussouris is the Chief Policy Officer for HackerOne, a platform provider for coordinated vulnerability response & structured bounty programs. She is a noted authority on vuln disclosure & advises lawmakers, customers, & researchers to legitimize & promote security research & help make the internet safer for everyone. Katie's earlier Microsoft work encompassed industry-leading initiatives such as Microsoft's bounty programs & Microsoft Vulnerability Research. She is also a subject matter expert for the US National Body of the International Standards Organization (ISO) in vuln disclosure (29147), vuln handling processes (30111), and secure development (27034). Katie is a visiting scholar with MIT Sloan School, doing research on the vulnerability economy and exploit market. She is a New America Foundation Fellow. Katie is an ex-hacker, ex-Linux developer, and persistent disruptor.

Articles by Katie Moussouris

View Content By Month

Mad World: The Truth About Bug Bounties

8/13/2015
What Oracle CSO Mary Ann Davidson doesn’t get about modern security vulnerability disclosure.
Post a Comment

Vulnerability Disclosure Deja Vu: Prosecute Crime Not Research

5/12/2015
There is a lesson to be learned from a locksmith living 150 years ago: Attackers and criminals are the only parties who benefit when security researchers fear the consequences for reporting issues.
Post a Comment

Hot Topics

Editors' Choice

Making the Case for a Cybersecurity Moon Shot

Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer, 2/19/2019

New Free Tool Scans for Chrome Extension Safety

Dark Reading Staff 2/21/2019

Privacy Ops: The New Nexus for CISOs & DPOs

Amit Ashbel, Security Evangelist, Cognigo, 2/18/2019

Live Events

Webinars

More UBM Tech
Live Events

Drive Your Business and Career Forward at Interop19

Interop 2019 - The Unbiased IT Conference

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

White Papers

[SANS] The Need for Speed: Integrated Threat Response

2018 Cyberthreat Defense Report

[Report] The Evolution of the Secure Software Lifecycle

[ESG Report] Endpoint Security Must Include Rapid Query & Remediation Capabilities

Want to Stay In Front of Breaches? Train Like The Marines.

More White Papers

Video

All Videos

Cartoon

Latest Comment: We won't cut you loose as long as you don't slow us down!

Cartoon Archive

Current Issue

5 Emerging Cyber Threats to Watch for in 2019

Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises Are Attacking the Cybersecurity Problem

Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.

Download Now!

How Enterprises Are Using IT Threat Intelligence

0 comments

Online Malware and Threats: A Profile of Today's Security Posture

0 comments

The Risk Management Struggle

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-8955
PUBLISHED: 2019-02-21

In Tor before 0.3.3.12, 0.3.4.x before 0.3.4.11, 0.3.5.x before 0.3.5.8, and 0.4.x before 0.4.0.2-alpha, remote denial of service against Tor clients and relays can occur via memory exhaustion in the KIST cell scheduler.

CVE-2019-1698
PUBLISHED: 2019-02-21

A vulnerability in the web-based user interface of Cisco Internet of Things Field Network Director (IoT-FND) Software could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External E...

CVE-2019-1700
PUBLISHED: 2019-02-21

A vulnerability in field-programmable gate array (FPGA) ingress buffer management for the Cisco Firepower 9000 Series with the Cisco Firepower 2-port 100G double-width network module (PID: FPR9K-DNM-2X100G) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) conditio...

CVE-2019-6340
PUBLISHED: 2019-02-21

Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RE...

CVE-2019-8996
PUBLISHED: 2019-02-21

In Signiant Manager+Agents before 13.5, the implementation of the set command has a Buffer Overflow.

Terms of Service
Privacy Statement
Legal Entities

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]