RVAsec 2017: Managing Crowdsourced Security Testing

This June at RVAsec 2017 I continued the discussion of metrics that reflect the effort spent on vuln discovery via crowdsourced models. It analyzes data from real-world bounty programs and pen tests in order to measure how time and money might both be invested wisely in finding vulns.┬áHere are the slides for my presentation. We …

RVAsec 2013: JavaScript Security & HTML5

Here are the slides for my presentation at this year’s RVAsec, JavaScript Security & HTML5. Thanks to all who attended! RVAsec, held in Richmond, VA, is a relatively new conference. But one complete with hardware badges, capture the flag, and pizza and donuts for breakfast. So, yeah, mark your calendar for next year; it’s a …