Fixing the Internet's Auto-Immune Problem: Bilateral Safe Harbor for Good-Faith Hackers

Back to the list of Speakers and Sessions
This talk provides an overview of Safe Harbor in the context of good-faith hacking and introduces a current effort to create a standardized, open-source platform via disclose.io

Thousands of organizations have already adopted the idea of inviting good-faith hacking to hack into their systems via vulnerability disclosure, bug bounty and next-gen pen test programs. Even so, the risk of prosecution under anti-hacking laws still casts a cloud over the hackers who are trying to help, and many programs haven't removed this risk by including Safe Harbor language within their program policies. It's not intentional -- the simple truth is that the market has progressed so rapidly that most have implemented crowdsourced security programs without realizing this issue, nor do they know how to how to fix it. Bilateral Safe Harbor language enables program owners to not only provide a strong incentive for good-faith hackers in terms of explicit legal protection, but also to outline exactly what constitutes "good-faith" hacking for their organization, and leave legal protections against malicious hackers intact.

This talk provides an overview of Safe Harbor in the context of good-faith hacking and introduces a current effort to create a standardized, open-source, easily readable legal boilerplate for disclosure program owners all around the world to use.


Chloé Messdaghi Tech Changemaker, Stand Out In Tech

Chloé Messdaghi is an award-winning changemaker who is innovating tech and information security sectors to meet today and tomorrow demands. For over 10 years, she has accelerated startups through solutions that empower organizations and people to stand out from the tech crowd. She is an international keynote speaker at major information security and tech conferences and events, and serves as a trusted source for national and sector reporters and editors, such as Forbes and Business Insider. Additionally, she is one of the Business Insider’s 50 Power Players of Cybersecurity, a SC Magazine honoree, Cybersecurity Advocate of the Year, and Cybersecurity Women of the Year by Cybersecurity Excellence Awards.

Outside of her work, she is the cofounder of WoSEC and Hacking is NOT a Crime, and founder of WeAreHackerz. She holds a Master of Science from The University of Edinburgh, and a BA in International Relations from University of California, Davis, as well as executive education certificates from Wharton and Cornell.

Learn more: https://www.standoutintech.com Connect on LinkedIn/Instagram/Twitter @ChloeMessdaghi