top of page
Short. Precise. Effective.
Insights
First Report from the Cyber Safety Review Board
Luta Security CEO's blog post about the CSRB's first report - Review of the December 2021 Log4j Event.
Katie Moussouris
Jul 14, 20223 min read
Vulnerability Disclosure Programs Done the Right Way
Third-party vulnerability disclosure and bug bounty programs should never be the main path to discovering software insecurities.
Luta Security
Dec 14, 20213 min read
Vulnerability Management Process Problems Don’t Resolve on Their Own
Luta Security response to CISA's BOD 22-01
Katie Moussouris
Nov 4, 20212 min read
New Clubhouse Security Vulnerabilities Could Happen to Any Growing Unicorn
Luta's CEO hacked the Clubhouse app; vulns fixed now
Katie Moussouris
Apr 21, 20217 min read
2021 New Year’s Resolutions for VDPs & Bug Bounties
Many of us kick off each new year enthusiastically brimming with more resolutions than a DNS server. We may resolve to get stronger, so...
Luta Security
Dec 17, 20203 min read
FTC’s Settlement with Zoom
In November 2020, the Federal Trade Commission (FTC) announced a settlement with Zoom to reconcile the allegations that the company...
Luta Security
Dec 16, 20204 min read
Who’s in the BBQ pit with USG?
CISA and OMB published instructions for federal agencies on vuln disclosure programs. Sadly, the marching orders are all out of whack.
Luta Security
Sep 2, 20203 min read
bottom of page