Katie MoussourisJul 14, 20223 minFirst Report from the Cyber Safety Review Board Luta Security CEO's blog post about the CSRB's first report - Review of the December 2021 Log4j Event.
Luta SecurityDec 14, 20213 minVulnerability Disclosure Programs Done the Right WayThird-party vulnerability disclosure and bug bounty programs should never be the main path to discovering software insecurities.
Katie MoussourisNov 4, 20212 minVulnerability Management Process Problems Don’t Resolve on Their OwnLuta Security response to CISA's BOD 22-01
Katie MoussourisApr 21, 20217 minNew Clubhouse Security Vulnerabilities Could Happen to Any Growing Unicorn Luta's CEO hacked the Clubhouse app; vulns fixed now
Luta SecurityDec 17, 20203 min2021 New Year’s Resolutions for VDPs & Bug BountiesMany of us kick off each new year enthusiastically brimming with more resolutions than a DNS server. We may resolve to get stronger, so...
Luta SecurityDec 16, 20204 minFTC’s Settlement with ZoomIn November 2020, the Federal Trade Commission (FTC) announced a settlement with Zoom to reconcile the allegations that the company...
Luta SecuritySep 2, 20203 minWho’s in the BBQ pit with USG?CISA and OMB published instructions for federal agencies on vuln disclosure programs. Sadly, the marching orders are all out of whack.