Bug bounties, vulnerability disclosure, PTaaS, fractional pentesting - Grant McCracken - ASW #306

05 Nov 2024 • 32 min • EN
32 min
00:00
32:08
No file found

After spending a decade working for appsec vendors, Grant McKracken wanted to give something back. He saw a gap in the market for free or low-cost services for smaller organizations that have real appsec needs, but not a lot of means to pay for it. He founded DarkHorse, who offers VDPs and bug bounties to organizations of all sizes for free, or for as low of cost as possible. While not a non-profit, the company's goal is to make these services as cheap as possible to increase accessibility for smaller or more budget-constrained organizations. The company has also introduced the concept of "fractional pentesting", access to cyber talent when and how you need it, based on what you can afford. This implies services beyond just offensive security, something we'll dive deeper into in the interview. We don't see DarkHorse ever competing with the larger Bug Bounty platforms, but rather providing services to the organizations too small for the larger platforms to sell to. Show Notes: https://securityweekly.com/asw-306

From "Application Security Weekly (Video)"

Listen on your iPhone

Download our iOS app and listen to interviews anywhere. Enjoy all of the listener functions in one slick package. Why not give it a try?

App Store Logo
application screenshot

Popular categories