Influentials

Katie Moussouris: A Pioneer in Vulnerability Disclosure and Bug Bounty Programs

Katie Moussouris: A Pioneer in Vulnerability Disclosure and Bug Bounty Programs

Katie Moussouris is an American computer security researcher, entrepreneur, and pioneer in vulnerability disclosure, and is best known for her ongoing work advocating responsible security research. She has created and led several bug bounty programs for major organizations, such as Microsoft, the U.S. Department of Defense, and HackerOne. She is also the founder and CEO of Luta Security, a company that helps governments and organizations design and implement vulnerability disclosure programs and bug bounty programs.

From Biology to Computer Security

Moussouris was interested in computers at a young age and learned to program in BASIC on a Commodore 64 that her mother bought her in 3rd grade. She was the first girl to take AP Computer Science at her high school. She attended Simmons College to study molecular biology and mathematics and simultaneously worked on the Human Genome Project at the MIT Whitehead Institute.

While at Whitehead, she transitioned from a lab assistant to a systems administrator role, and after three years she became the systems administrator for the MIT Department of Aeronautics and Astronautics, where she helped design the computer system for a new lab that was to open in 2000. During this time she also worked as the systems administrator at the Harvard School of Engineering and Applied Sciences.

She moved to California to work as a Linux developer at Turbolinux and started their computer security response program. She was active within the West Coast hacker scene and formally joined @stake as a penetration tester in 2002 by invitation of Chris Wysopal.

Creating Bug Bounty Programs at Microsoft and Beyond

In May 2007, Moussouris left Symantec (where she had founded and managed Symantec Vulnerability Research) to join Microsoft as a security strategist. She founded the Microsoft Vulnerability Research (MSVR) program, which was the first program to allow Microsoft researchers to publish vulnerability research on third-party software affecting Microsoft customers.

She also created the bug bounty program at Microsoft, which was announced in 2013 and offered rewards for finding and reporting vulnerabilities in Microsoft products. She was directly involved in creating the U.S. Department of Defense’s first bug bounty program for hackers, called “Hack the Pentagon”, which was launched in 2016.

She previously served as Chief Policy Officer at HackerOne, a vulnerability disclosure company based in San Francisco, California, where she helped shape the policies and practices of bug bounty programs for various clients, including governments, corporations, and nonprofits.

Leading Luta Security and Advocating for Fair Pay

In 2016, Moussouris founded Luta Security, a company that specializes in helping governments and organizations create scalable vulnerability coordination programs. She is currently the CEO of Luta Security and advises clients on how to design and implement effective vulnerability disclosure programs and bug bounty programs that align with their goals and resources.

She is also an advocate for fair pay and equal opportunities for women and minorities in tech. In 2015, she filed a class-action lawsuit against Microsoft alleging gender discrimination in pay and promotions. The lawsuit is still ongoing as of 2021. In March 2021, she launched the Pay Equity Now Pledge, a campaign that urges companies to commit to transparent pay practices and regular audits to ensure fair compensation for all employees.

Katie Moussouris is a trailblazer in the field of computer security research, vulnerability disclosure, and bug bounty programs. She has created and led several successful programs that have improved the security of software products and systems for millions of users. She is also a role model for women and minorities who aspire to pursue careers in tech. She continues to innovate and influence the industry with her expertise, vision, and passion.

PhotoKristina D.C. Hoeppner

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button