Katie Moussouris is the Founder and CEO of Luta Security, the first and only firm to offer expert business solutions architecture consulting based on ISO 29147 Vulnerability disclosure, ISO 30111 Vulnerability handling processes, and the Vulnerability Coordination Maturity Model (VCMM), the final one created by Katie Moussouris herself. Katie leads her company to launch vulnerability coordination programs for companies in both the public and private sectors, as well as informing clients about vulnerability discovery, coordination, and disclosure.
Katie helped the US Department of Defense start the government’s first bug bounty program, called “Hack the Pentagon,” and “Hack the Army”, as well as helped advise on the DoD’s ongoing vulnerability disclosure program. Katie created Microsoft’s bug bounty programs, and started Microsoft Vulnerability Research. She is also a subject matter expert for ISO standards in vuln disclosure (29147), vuln handling processes (30111), and secure development (27034). Katie is a visiting scholar with MIT Sloan School, doing research on the vulnerability economy and exploit market. She is a New America Foundation Fellow and Harvard Belfer Affiliate. Katie is also part of the official US Wassenaar delegation. She is on various CFP review boards, and is an adviser to the Center for Democracy and Technology.
Bio last updated on October 5, 2017