Skip to main content

Security@ Beyond 2022: Webinar Series

The Learning Continues

Security@ 2022 may be over, but the insights it offered go far beyond the one-day event. Welcome to Security@ Beyond—a 5-part webinar series that continues the conversation about how to protect your constantly evolving attack surface and stay ahead of emerging threats.

What to Expect

For the rest of 2022, we’ll be bringing you thoughtful conversations from a variety of security leaders and ethical hackers, on topics ranging from rethinking ASM to taking a proactive approach to zero days and tackling security mistakes around Web3.

  1. October 26, 8 AM PT

    Build Resistance to Attacks by Unlocking the Value of Ethical Hackers

    Attack surfaces are expanding, spurred on by the continuous release of new digital services and business transformation. In this session you will learn why it’s time to implement an attack resistance management strategy to find unknown risks missed by automated tools, then unlock the security expertise of ethical hackers to close critical gaps, rank risk and prioritize remediations across your attack surface. This session will include live demos of HackerOne's Attack Resistance Management portfolio.

  2. November 2, 8 AM PT

    Protecting Your Attack Surface: Beyond Automation

    Digital transformation, mergers and acquisitions, and cloud migrations have created a security gap. On average, 37% of an organization’s attack surface is unknown or unprotected, leaving the door wide open for a breach. Defensive security tactics and automated scanning cannot find these unknown, vulnerable assets that cybercriminals seek out.

    Join us for an introduction to HackerOne Assets, an attack surface management (ASM) solution that combines continuous automated scanning with a proactive risk assessment from a community of security experts so you can increase your resistance to attack. In this live session, you’ll learn how to:

    • Discover, inventory, risk-rank, and remediate unknown or rogue digital assets
    • Prioritize security testing with continual asset monitoring and tracking
    • Unify attack surface status in a single view to accelerate remediation actions and enable real-time reporting
  3. Nov 16, 8 am PT

    Why Isn’t Anyone Paying Bounties for Zero Days?

    What’s your definition of a zero day? Exactly what a zero day is, and how one should be tackled when it comes to bug bounty, has been a contentious issue for years. Drawing on his experience at Project Zero and as a longstanding member of the hacking community, Chris will explore the evolution of zero days, from Stuxnet to Log4j. He will explain why zero days are not usually rewarded in bug bounty programs and why Log4j was unique in this regard, drawing on hacker and customer data and stories from the incident. Chris will share his philosophy on a ‘pay for value’ approach to zero days and how progressive CISOs can work alongside the hacking community to reduce the risk from zero days, in whichever definition applies.

  4. Coming Soon

    Web3 Bug Bounty and the Decentralized World: Pitfalls and Strategies

    Web3 is a technology that excites, scares, and divides the tech community. But what really is Web3, what are the threats, and what is the use case for Attack Resistance Management? Our panel of experts will dissect Web3’s relationship to cryptocurrency and blockchain, and the security mistakes companies are making as they adopt the technology. Drawing on real examples and data from Web3 bug bounty programs, the panel will cover how ethical hackers view the technology, whether a radically different approach needs to be taken when hacking Web3, and best practices for including Web3 in the scope of your Attack Resistance Management strategy.

  5. Partner Webinar

    More details coming soon.

In Case You Missed It

See what you missed at Security@ main event—6+ hours
of on-demand content to choose from.