Event Details

CYBER THURSDAY: Learnings from Hyatt’s Public Bug Bounty Program Launch

March, 28: 1:00 – 2:00 p.m. EST // noon – 1:00 p.m. CST // 10:00  – 11:00 a.m. PST

In January of 2019, Hyatt Hotels and Resorts announced a public bug bounty program in partnership with HackerOne. This program invites ethical hackers to review all of Hyatt’s guest-facing IT systems for any potential vulnerabilities or bugs in their environment. In just two months, this program has resulted in accelerated identification and fixing of potential weaknesses to these sites and has allowed Hyatt to remediate gaps quickly to mitigate risks. In this webinar, Hyatt’s CISO Ben Vaughn shares learnings from their program launch, information on the terms and conditions put in place with HackerOne and provides some examples of the bugs that have been uncovered.

Key Takeaways:

  • Hyatt’s Application Security program foundations, and what led them to a Bug Bounty Program
  • Some interesting bug reports received as examples of what traditional penetration tests don’t find
  • Hyatt’s plans to expand the Bug Bounty Program

This webinar is open to RH-ISAC Core Members only. Email events@rhisac.org to RSVP today!