Hacking isn't just for bad guys in hoodies! That's right — though we almost always associate hacking with sophisticated actors abusing software for criminal purposes, there's more to the story: despite what we see on TV and movies, hacking isn't always sophisticated, nor inherently nefarious.
In this talk, we'll examine the instrumental role legitimate security research has in improving AppSec industry-wide. We'll explore how after a long tradition of distrust, organizations have started to embrace white-hat hackers through coordinated disclosure and bug bounty programs. As we cover examples of real-world vulnerabilities spanning multiple research areas, you'll get a sense of the impact security research has on the safety of our software and the future of our digital lives.
Audience: Developers, Information security practitioners with AppSec experience
Randy Westergren is a senior lead software engineer at Marlette Funding where his passion for software development, DevOps, AppSec, and other facets of enterprise architecture coalesce. Though primarily focused on engineering, he's recognized as an industry leader for his information security research, some of which has been featured in Forbes, PC Magazine, and CNET.