In the culture of security, research is revered and marketing is abhorred. Sadly, the latter reputation is often earned because vendors often compromise security research, or programs developed to ultimately protect users, in an effort to demonstrate their technical talent or increase sales.
During this keynote, Jennifer Leggio will address “logo disclosure” and how it creates sensationalism and spectacle; analyze the difference between authentic bug bounty programs versus those that “virtue signal” through marketing; and, while there is good debate about evolving Coordinated Disclosure, the risk created by companies that violate disclosure to try to diminish competitors, sell more wares, or unethically highlight research prowess. This risk that is created by overly aggressive marketers can outweigh the merits of truly great research.
