Hacker Katie Moussouris probably knows more about bug bounties, how companies use and misuse them, and the incentives that they create than just about anyone on the planet. She created Microsoft's first bounty program in 2013 and has spent the years since traveling the world advising companies on how to work with security researchers and whether a bounty program is the right move. In this episode, she talks with Dennis Fisher about why the security industry keeps making the same mistakes over and over and how the lack of talent on the coding and maintenance side of the equation is hurting security.
Image: Internet Education Foundation, CC BY-NC-SA license.