Katie Moussouris is the Founder and CEO of a new company, Luta Security ( lutasecurity.com ), named for the tropical island where her mother was born in the US Commonwealth of the Northern Mariana Islands, a beautiful place that is still home to many members of Katie’s family. Not only is Luta Security the only company offering gap analysis and guidance on ISO 29147 Vulnerability disclosure, and how to implement a vulnerability coordination program (which may or may not include bug bounties), we are also a 100% female-owned and Native Pacific Islander-owned tech company. Luta Security advises companies, lawmakers, & governments on the benefits of hacking & security research to help make the internet safer for everyone. Katie is a hacker – first hacking computers, now hacking policy & regulations.
Katie’s most recent work was in helping the US Department of Defense start the government’s first bug bounty program, called “Hack the Pentagon.” Her earlier Microsoft work encompassed industry-leading initiatives such as Microsoft’s bug bounty programs & Microsoft Vulnerability Research. Katie is also an invited technical expert selected to assist directly in the US Wassenaar negotiations on the inclusion of intrusion software and intrusion software technology, helping to renegotiate broad wording to minimize unintended consequences to the defense of the Internet. She is also a subject matter expert for the US National Body of the International Standards Organization (ISO) in vuln disclosure (29147), vuln handling processes (30111), and secure development (27034). Katie is a visiting scholar with MIT Sloan School, doing research on the vulnerability economy and exploit market.
She is a New America Foundation Fellow and Harvard Belfer Affiliate. Katie is on the CFP review board for RSA, O’Reilly Security Conference, Shakacon, and is an advisor to the Center for Democracy and Technology