fleet/articles/expeditioners-niels-hofmans.md

# ExpedITioners Podcast
## Niels Hofmans: Threat modeling, open-source collaboration, and bug bounties.

<iframe allow="autoplay *; encrypted-media *; fullscreen *; clipboard-write" frameborder="0" height="175" style="width:100%;max-width:660px;overflow:hidden;background:transparent;" sandbox="allow-forms allow-popups allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation-by-user-activation" src="https://embed.podcasts.apple.com/us/podcast/niels-hofmans-threat-modeling-open-source-collaboration/id1641183838?i=1000624915742"></iframe>

Listen to the episode on [Apple](https://podcasts.apple.com/us/podcast/niels-hofmans-threat-modeling-open-source-collaboration/id1641183838?i=1000624915742), [Spotify](https://open.spotify.com/episode/4pZj6mfLvTVJavIVkLULF1?si=wHxOTZVnS3-gsFcoIs4WUw), or [PodBean](https://expeditioners.podbean.com/e/niels-hofmans-threat-modeling-open-source-collaboration-and-bug-bounties/).

### Show notes: 

Niels is the Head of Security at Intigriti, Europe's largest bug bounty platform, which connects 90,000+ security researchers to their customers' assets.

He manages cloud security, SoC, threat intelligence, application security, compliance, detection & response, infrastructure, incident response & more.

When not with his head in the trenches, he spends time writing experimental security tooling or executing various projects for customers.

### Topics discussed:

- How Niels got their start in Cybersecurity.
- Developing proof of concepts for malware and workarounds.
- Making the transition from “amateur hacker” to “professional hacker”.
- What the bug bounty scene is all about.
- Convincing customers and larger names to trust a company like Integriti with confidential information.
- What a procurement process for a bug bounty company looks like.
- Tips for building out security programs and how to prioritize work.
- Returning to the fundamentals of a security threat model.
- Creating win-win situations between community and customers with open-source collaboration.
- The value of open-source.
- Where the security industry should be looking over the next five years.

### Where to get in touch:

- [Find Niels on LinkedIn](https://www.linkedin.com/in/nielshofmans/)
- [Find Niels on GitHub](https://github.com/hazcod/)
- [Intigriti](https://www.intigriti.com/ )

<meta name="category" value="podcasts">
<meta name="authorGitHubUsername" value="zwass">
<meta name="authorFullName" value="Zach Wasserman">
<meta name="publishedOn" value="2023-08-22">
<meta name="articleTitle" value="ExpedITioners podcast with Niels Hofmans">
<meta name="articleImageUrl" value="../website/assets/images/articles/expeditioners-podcast-ep2-1600x900@2x.jpg">
-												Podcast ep 2 w/ Niels Hofmans (#13455)

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes (docs/Using
Fleet/manage-access.md)
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
											
										
										
											2023-08-22 19:59:41 +00:00
+								# ExpedITioners Podcast
 								## Niels Hofmans: Threat modeling, open-source collaboration, and bug bounties.
 								<iframe allow="autoplay *; encrypted-media *; fullscreen *; clipboard-write" frameborder="0" height="175" style="width:100%;max-width:660px;overflow:hidden;background:transparent;" sandbox="allow-forms allow-popups allow-same-origin allow-scripts allow-storage-access-by-user-activation allow-top-navigation-by-user-activation" src="https://embed.podcasts.apple.com/us/podcast/niels-hofmans-threat-modeling-open-source-collaboration/id1641183838?i=1000624915742"></iframe>
 								Listen to the episode on [Apple](https://podcasts.apple.com/us/podcast/niels-hofmans-threat-modeling-open-source-collaboration/id1641183838?i=1000624915742), [Spotify](https://open.spotify.com/episode/4pZj6mfLvTVJavIVkLULF1?si=wHxOTZVnS3-gsFcoIs4WUw), or [PodBean](https://expeditioners.podbean.com/e/niels-hofmans-threat-modeling-open-source-collaboration-and-bug-bounties/).
 								### Show notes:
 								Niels is the Head of Security at Intigriti, Europe's largest bug bounty platform, which connects 90,000+ security researchers to their customers' assets.
 								He manages cloud security, SoC, threat intelligence, application security, compliance, detection & response, infrastructure, incident response & more.
 								When not with his head in the trenches, he spends time writing experimental security tooling or executing various projects for customers.
 								### Topics discussed:
 								- How Niels got their start in Cybersecurity.
 								- Developing proof of concepts for malware and workarounds.
 								- Making the transition from “amateur hacker” to “professional hacker”.
 								- What the bug bounty scene is all about.
 								- Convincing customers and larger names to trust a company like Integriti with confidential information.
 								- What a procurement process for a bug bounty company looks like.
 								- Tips for building out security programs and how to prioritize work.
 								- Returning to the fundamentals of a security threat model.
 								- Creating win-win situations between community and customers with open-source collaboration.
 								- The value of open-source.
 								- Where the security industry should be looking over the next five years.
 								### Where to get in touch:
 								- [Find Niels on LinkedIn](https://www.linkedin.com/in/nielshofmans/)
 								- [Find Niels on GitHub](https://github.com/hazcod/)
 								- [Intigriti](https://www.intigriti.com/ )
 								<meta name="category" value="podcasts">
 								<meta name="authorGitHubUsername" value="zwass">
 								<meta name="authorFullName" value="Zach Wasserman">
 								<meta name="publishedOn" value="2023-08-22">
 								<meta name="articleTitle" value="ExpedITioners podcast with Niels Hofmans">
 								<meta name="articleImageUrl" value="../website/assets/images/articles/expeditioners-podcast-ep2-1600x900@2x.jpg">