Force multiplied: Community-powered vuln detection

In this session, Tod Beardsley (runZero) sits down with Rishi Sharma (ProjectDiscovery) to discuss the origins and impact of Nuclei, an open-source framework that has revolutionized how security teams validate vulnerabilities. Rishi explains that Nuclei was born out of the need to cut through the noise generated by traditional vulnerability scanners, which often flag thousands of potentially vulnerable instances based on version detection alone. By using simple, YAML-based templates, Nuclei allows security professionals to describe the exact steps a human would take to verify an exploit, providing a clear signal of which assets are truly at risk and need immediate remediation.

The conversation delves into the power of community-driven security, highlighting how Nuclei’s simple template structure has enabled global collaboration. With contributions from pentesters, bug bounty hunters, and researchers around the world, the framework can now produce verified exploit templates in hours rather than days. Rishi notes that this speed is critical in a landscape where the time to exploit is shrinking, and he details how ProjectDiscovery’s bug bounty program incentivizes researchers to not only write new templates but also validate existing ones to ensure high quality and reduce false positives.

Meet Our Speakers

todb

VP of Security Research, runZero

Rishiraj Sharma

Co-Founder & CEO, ProjectDiscovery.io
