Episode 71: In this episode of Critical Thinking - Bug Bounty Podcast Keith Hoodlet joins us to weigh in on the VDP Debate. He shares some of his insights on when VDPs are appropriate in a company's security posture, and the challenges of securing large organizations. Then we switch gears and talk about AI bias bounties, where Keith explains the approach he takes to identify bias in chatbots and highlights the importance of understanding human biases and heuristics to better hack AI.
Follow us on twitter at: https://twitter.com/ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to https://twitter.com/realytcracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Sign up for https://caido.io/ using the referral code CTBBPODCAST for a 10% discount.
Today’s guest: Keith Hoodlet
Resources:
Daniel Miessler's article about the security poverty line:
https://danielmiessler.com/p/the-cybersecurity-skills-gap-is-another-instance-of-late-stage-capitalism/
Hacking AI Bias:
https://securing.dev/posts/hacking-ai-bias/
Hacking AI Bias Video:
https://youtu.be/AeFZA7xGIbE?si=TLQ7B3YtzPWXS4hq
Sarah's Hoodlet's new book:
https://sarahjhoodlet.com
Link to Amazon Page:
https://a.co/d/c0LTM8U
Timestamps:
(00:00:00) Introduction
(00:04:09) Keith's Appsec Journey
(00:16:24) The Great VDP Debate Redux
(00:47:18) Platform/Hunter Incentives and Government Regulation
(01:06:24) AI Bias Bounties
(01:26:27) AI Techniques and Bugcrowd Contest
