May 2024
1h 45m
Episode 71: In this episode of Critical Thinking - Bug Bounty Podcast Keith Hoodlet joins us to weigh in on the VDP Debate. He shares some of his insights on when VDPs are appropriate in a company's security posture, and the challenges of securing large organizations. Then we switch gears and talk about AI bias bounties, where Keith explains the approach he takes to identify bias in chatbots and highlights the importance of understanding human biases and heuristics to better hack AI.
Follow us on twitter at: @ctbbpodcast
We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater
------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.
Today's Sponsor - Project Discovery: https://nux.gg/podcast
Today’s guest: Keith Hoodlet
Resources:
Daniel Miessler's article about the security poverty line
Hacking AI Bias
https://securing.dev/posts/hacking-ai-bias/
Hacking AI Bias Video
https://youtu.be/AeFZA7xGIbE?si=TLQ7B3YtzPWXS4hq
Sarah's Hoodlet's new book
Link to Amazon Page
Timestamps:
(00:00:00) Introduction
(00:04:09) Keith's Appsec Journey
(00:16:24) The Great VDP Debate Redux
(00:47:18) Platform/Hunter Incentives and Government Regulation
(01:06:24) AI Bias Bounties
(01:26:27) AI Techniques and Bugcrowd Contest