Today, we sat down with Trey Ford from Bugcrowd to talk about ethical hacking.
One of the most memorable phrases from ancient Rome is Quis custodiet custodes? (Who Watches the Watchman?).
This ancient admonition has direct application to federal cybersecurity. We know federal agencies spend millions of dollars to protect data. How does one ensure the contracted companies are doing their jobs?
Traditionally, an organization would use penetration testers, contractors, or basic scanning methods. However, today's attack surfaces are expanding, and malicious actors are innovating so rapidly that we are being forced to consider more creative options.
In other words, an annual penetration test is too narrowly focused to be effective against an AI-inspired attack.
The innovation Bugcrowd brings to the table is a community of researchers who can attack a system from many perspectives.
During the discussion, you will learn about federal vulnerability disclosure programs, how to overcome talent shortages, and how Bugcrowd vets its research community.
Trey Ford also touches on the FedRAMP journey, AI integration, and the evolving cybersecurity landscape, stressing the need for human creativity and dynamic responses to threats.
Connect with John Gilroy on LinkedIn: https://www.linkedin.com/in/john-gilroy/
Want to listen to other episodes? www.Federaltechpodcast.com