Bug Bytes: Hacking for Good, Malware, and Outages (x3)

In early February, the Swiss government issued a reward for hacking its new electronic voting system. In just one short month, Motherboard has reported that a group of researchers have found a critical flaw in the code that would allow someone to alter votes without detection – talk about the power of the bug bounty!

By Cybersecurity News
Bugcrowd Releases Vulnerability Rating Taxonomy 1.7 With New Automotive Security Misconfiguration

We are always updating our Vulnerability Rating Taxonomy (VRT), integrating our learnings into each version update. We are thrilled to announce our latest release, VRT 1.7 in response to our community’s ongoing feedback through our open-sourced GitHub repository. Security misconfiguration can stem from a very simple error, but at the same time can lead to

By Company ResourcesProgram Management
Bugcrowd’s Self-Serve ServiceNow Integration for Crowdcontrol

Finding heaps of vulnerabilities isn’t very useful without a way to action them. That’s why Bugcrowd isn’t just focused on finding more vulnerabilities, we’re focused on helping organizations resolve those findings, faster. Today we’re proud to announce the launch of another SDLC integration that further enable seamless handoff between Security and Development. Introducing: ServiceNow for

By Product Updates
February 2019 Hall of Fame

Bugcrowd is excited to announce our February 2019 Hall of Fame winners. So let’s get to it… here are the Hall of Fame winners! Mikee crushed it and took first place with 440 points! todayisnew came in solid in second place with 430 points, and euler42 rounded out third place with 300 points. Bugcrowd would like

By Winner's Circle
On disclosure, confidentiality, and norms…

A few weeks ago I was tagged by Art Manion of the CERT Coordination Center (CERT/CC) in a tweet asking about Bugcrowd’s approach to disclosure policy defaults. The short version of the thread was concern around a statement in our product documentation which infers that Bugcrowd actively recommends Non-Disclosure as the default policy for our

By Vulnerability Disclosure
Bug Bytes: RSA, Equifax, and Auto – Oh my!

Closing out from RSA this week, where nearly every cyber company was pulling out all the stops, we couldn’t help but notice the extra light shed and proactive efforts made around diversity. In lead up to the conference, the San Francisco Chronicle sat down with Sandra Toms, chief organizer of the RSA Conference, to discuss

By Cybersecurity News
Managing Your Crowdsourced Security Program for Success

A growing number of organizations across various industry sectors are adopting crowdsourced security, making it clear that this model is no longer just the future of cybersecurity – it is the here and now. Crowdsourced security is driving organizations to become more productive – and even creative – with their security programs. But if you’re

By Program Management
Bugcrowd + Doing Better at RSA

Happy RSA week from all of us here at Bugcrowd! As we kick off one of security’s biggest conferences here in our own backyard, we can’t help but reflect on this year’s theme, Better. The theme delivers a broad directive to everyone in the industry, from the board room down to the everyday consumer. It

By Conferences & Events
How Hacking is Driving a New Cybersecurity EconomyRegister Today