Can bug bounty programs be designed to protect consumer privacy and how do programs balance white hat disclosure versus companies sitting on vulnerabilities until they are fixed?

Despite numerous talks about IoT vulnerabilities at RSAC this week, a clear resolution on a fixes is nowhere in sight.

Researchers show why keeping a handle on user credentials is just as hard in the cloud as it is on local networks.

Private intelligence gathering firm LocalBlox leaked data on 48 million users that was scraped from Facebook, LinkedIn, Zillow and other sites.

Threatpost’s Tom Spring and Lindsey O’Donnell talk about the top security trends that they are watching out for at the 2018 RSA Conference this week in San Francisco.

Bruce Schneier talks about the early days of the RSA Conference, his campaign for IoT regulation, and more.

Bruce Schneier talks about the early days of the RSA Conference, his campaign for IoT regulation, and more.

Howard Schmidt, top cybersecurity advisor to two U.S. presidents, died on Thursday at the age of 67.

Katie Moussouris on how bug bounty programs have gone mainstream, the success of Hack the Pentagon and Hack the Army, and where things stand with the Wassenaar Arrangement.

Mike Mimoso and Chris Brook recap RSA and discuss the news of the week including the impact of Cloudflare’s “Cloudbleed” bug, Google breaking SHA-1, and more.