BEGIN:VCALENDAR VERSION:2.0 PRODID:-//pretalx//pretalx.com//bsides-tallinn-2025//NS9AXE BEGIN:VTIMEZONE TZID:EET BEGIN:STANDARD DTSTART:20000101T000000 RRULE:FREQ=YEARLY;BYMONTH=1;UNTIL=20001231T220000Z TZNAME:EET TZOFFSETFROM:+0200 TZOFFSETTO:+0200 END:STANDARD BEGIN:STANDARD DTSTART:20021027T050000 RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10 TZNAME:EET TZOFFSETFROM:+0300 TZOFFSETTO:+0200 END:STANDARD BEGIN:DAYLIGHT DTSTART:20020331T040000 RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3 TZNAME:EEST TZOFFSETFROM:+0200 TZOFFSETTO:+0300 END:DAYLIGHT END:VTIMEZONE BEGIN:VEVENT UID:pretalx-bsides-tallinn-2025-RZQFAY@pretalx.com DTSTART;TZID=EET:20250925T133000 DTEND;TZID=EET:20250925T141500 DESCRIPTION:Are you feeling it...? \n\nThat relentless pressure as your att ack surface expands – but your security resources just can’t keep up? \n\nWe’ve been there at Bolt\, grappling with the exact same challenge. The relentless growth of digital assets\, coupled with limited internal se curity resources has created critical blind spots and persistent exposure to threats. While our product security team excels at developing extensive and scalable security solutions\, we often lack the capacity for the deep \, narrow focus required by every application and service. Traditional pen etration tests\, while valuable for targeted assessments\, by design provi de a time-boxed and limited view\, often leaving vast areas of the attack surface unexamined.\n\nEnter crowdsourced security through bug bounty prog rams – a powerful\, indispensable complement to Bolt’s existing defens es. Imagine leveraging a global\, always-on network of ethical hackers\, e ach bringing unique expertise and a fresh perspective. Unlike the constrai nts of traditional pentests\, these skilled researchers aren't limited by scope or time. They can relentlessly delve into our features and services\ , uncovering subtle\, systemic issues hidden deep within our systems. This collaborative\, continuous approach doesn't just bridge the security reso urce gap\; it dramatically reduces our window of exposure\, transforming v ulnerability management from a reactive burden into a proactive and resili ent defense effort.\n\nJoin this session to uncover:\n* Strategic I ntegration: How crowdsourced security has enhanced our overall vulnerabili ty management framework?\n* Real-World Triumphs & Challenges: Practical in sights into the challenges and undeniable benefits of running a successful bug bounty program.\n* Actionable Intelligence: How to transform raw bug findings into strategic insights that identify systemic weaknesses and inf orm the security roadmap?\n* Unique Discoveries: Why crowdsourced findings often differ from\, and complement\, those from internal teams or traditi onal pentests?\n* Program Playbook: Navigating the critical decision: Is a private or public bug bounty program the right fit for an organization? DTSTAMP:20251016T114458Z LOCATION:Stage 2 SUMMARY:Unleash the Crowd: Lessons from Building a Human Firewall - Allar L auk URL:https://pretalx.com/bsides-tallinn-2025/talk/RZQFAY/ END:VEVENT END:VCALENDAR