Episode 25 – Securing The Crowd with Nicolas Valcarcel

The crowd.  Recently gaining attention again due to some news events that were much ado about nothing, there is still a bit of a mystery with crowdsourcing and how best to secure it.  Organizations like Bug Crowd and HackerOne have shown it can be used for specific security tasks, but what about in general?  Nicolas Valcarcel joins me on this episode to share his thoughts and experience with security the crowd and what organizations should be aware of when considering using the crowd for their own purposes. Some links of interest: Crowd Security Whitepaper - https://github.com/nxvl/crowd-security How to Make the Most of Mechanical Turk How We Maintain a Trustworthy Rainforest Tester Network The Pros and Cons of Using Crowdsourced Work How We Train Rainforest Testers AWS re:Invent: Managing Crowdsourced Testing Work with Amazon Mechanical Turk Virtual Machine Security: The Key Steps We Take to Keep Rainforest VMs Secure @nxvl Want to reach out to the show?  There's a few ways to get in touch! Show's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere Podcast Website: purplesquadsec.com Sign-Up for our Slack community: https://signup.purplesquadsec.com John's Peerlyst Profile: https://www.peerlyst.com/users/john-svazic Thanks for listening, and I will talk with you all again next time. Find out more at http://purplesquadsec.com

Om Podcasten

Information Security, InfoSec, CyberSec, Cyber, Security, whatever you call it, we talk about it! From mobiles and desktops to data centers and the cloud, Purple Squad Security is here to help and give back to our community of information security professionals. We cover security topics for the red team, blue team, purple team, whatever team! We are a community of professionals, and this is one man's attempt to give back. CISSP, CISM, CEH credits can be obtained here! Also happy to provide info for OSCP, OSCE, and other Offensive Security certified professionals.