52 min

Safe Harbour Laws for Cyber-Vulnerability Researchers, with Inti de Ceukelaire
Cybersecurity Advisors Network

    • Technology

CyAN welcomes Inti de Ceukelaire, ethical cybervulnerability researcher, and Chief Hacker Officer at Intigriti, a Belgium-based bug bounty platform.
We talk about a wide range of topics relevant to legal protections of responsible vulnerability researchers and disclosure, using the recently implemented Belgian safe harbor law as a basis for discussion. Industry and society depend on timely awareness of software vulnerabilities from reliable, ethical sources such as white hat hackers. Meanwhile, obsolete computer misuse laws in many countries make 
A few relevant links to topics mentioned in the video:
OECD recommendations for coordinated vulnerability disclosure:  
https://one.oecd.org/document/DSTI/CDEP/SDE(2021)9/FINAL/en/pdf
https://www.oecd.org/digital/encouraging-vulnerability-treatment-0e2615ba-en.htm
OECD paper on vulnerability treatment:
https://one.oecd.org/document/DSTI/CDEP/SDE(2020)3/FINAL/en/pdf
Good Faith Cybersecurity Researchers Coalition:
https://gfcrc.org
Vulnerability reporting to the Centre for Cyber Security Belgium (CCB):
https://ccb.belgium.be/en/vulnerability-reporting-ccb
Intigriti blog on Belgian safe harbor framework:
https://blog.intigriti.com/2023/01/19/new-belgian-legal-framework-gives-safe-harbor-to-ethical-hackers-and-bug-bounty-hunters/
Marcus Hutchins:  
https://en.wikipedia.org/wiki/Marcus_Hutchins
St. Louis Post-Dispatch web "hacking" case:  
https://www.washingtonpost.com/media/2021/10/14/mike-parson-st-louis-post-dispatch-hacker/
Gold Standard Safe Harbour Initiative: 
https://www.hackerone.com/press-release/hackerone-announces-gold-standard-safe-harbor-improve-protections-good-faith-security
Bonus old school cultural phenomenon mentions:
Doom II:  https://en.wikipedia.org/wiki/Doom_II
The Cuckoo's Egg, by Cliff Stoll:  https://www.goodreads.com/book/show/18154.The_Cuckoo_s_Egg
Inti's LinkedIn profile:  https://www.linkedin.com/in/intidc/
Intigriti:  https://www.intigriti.com/
Visit us at https://cybersecurityadvisors.network and https://gfcrc.org
Intro/outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/
 
 
