Bug Bounty Guru Katie Moussouris Will Help Hackers and Companies Play Nice

Media Outlet: WIRED

Katie Moussouris was profiled in Wired:

As Chief Policy Officer at HackerOne, Katie Moussouris helped the Defense Department launch its Hack-the-Pentagon program—the first federal bug bounty program that promises to pay hackers who uncover vulnerabilities in the DoD’s public-facing web sites. That was after spending three years to convince Microsoft to launch its first bug bounty program in 2013. And now Moussouris is branching out as an independent consultant to help companies and organizations interested in launching bug bounty programs move from the thinking stage to the doing phase.
“There’s huge momentum not just in the government space, but in private industry, where you’re seeing all types of vendors, not just tech vendors, … working with hackers,” she says. From medical device manufacturers and healthcare organizations to car companies and home appliance makers, companies that never considered themselves software vendors are now having to grapple with some of the same issues that Microsoft and Google face. As they add more digital code to their products, they have to worry about software vulnerabilities and patches. With that comes an increasing need to work respectfully with the community of white hat hackers and researchers who find and report vulnerabilities to them.
“We are riding this big wave where hackers are more and more being viewed as helpful as opposed to harmful,” she says. “That’s where I want to help.”

Katie Moussouris is a fellow in the Cybersecurity Initiative. She is the founder and CEO of Luta Security, the only company offering gap analysis and guidance on ISO 29147 vulnerability disclosure and vulnerability coordination program implementation.