New Platform Feature – Advanced Program Search

Today we are launching Advanced Program Search on the Programs list page, an expansive search feature that allows researchers to more easily surface programs that suit their interests. This feature leverages the tokenized search functionality that we have in other places in the app, such as a researcher’s Submissions page. Using 10+ filter keys, a

By Product Updates
ESG Research Insights Report: Security Leadership Study – Trends in Application Security

Today we released the ESG Research Insights Report, Security Leadership Study – Trends in Application Security, revealing what CISOs are looking to prioritize in the year to come.    The report highlights challenges with current application security testing methods, crowdsourced security adoption and benefits, security leadership application security priorities, and DevSecOps adoption within the enterprise.

By Bugcrowd NewsThought Leadership
[Guest Post] Netflix Public Bug Bounty, 1 year later

This blog originally appeared on the Netflix Technology Blog and is authored by Astha Singhal, Netflix Application Security. As Netflix continues to create entertainment people love, the security team continues to keep our members, partners, and employees secure. The security research community has partnered with us to improve the security of the Netflix service for the

By Guest Blogs
Researcher Spotlight: Ambassador Justin Gardner

This week we’re putting the Spotlight on Justin Gardner, a Bugcrowd Ambassador in Richmond, Virginia. Feel free to follow Justin on Twitter @Rhynorater Justin was around 12 years old when he first started learning about computers and how to bypass parental controls. By the age of 14, programming to hack had become an interest and

By Researcher Spotlight
Process For Launching Your Crowdsourced Security Program

Running a successful bug bounty program starts far before the actual program launch date, and is a continuous and iterative process of improving and growing over time. The workflow and lifecycle of a managed bug bounty program can typically be broken down into the following five parts: scoping, implementation, identification of findings, remediation of issues,

By Program Management
Bug Bytes: Hacking for Good, Malware, and Outages (x3)

In early February, the Swiss government issued a reward for hacking its new electronic voting system. In just one short month, Motherboard has reported that a group of researchers have found a critical flaw in the code that would allow someone to alter votes without detection – talk about the power of the bug bounty!

By Cybersecurity News
Bugcrowd Releases Vulnerability Rating Taxonomy 1.7 With New Automotive Security Misconfiguration

We are always updating our Vulnerability Rating Taxonomy (VRT), integrating our learnings into each version update. We are thrilled to announce our latest release, VRT 1.7 in response to our community’s ongoing feedback through our open-sourced GitHub repository. Security misconfiguration can stem from a very simple error, but at the same time can lead to

By Company ResourcesProgram Management
Bugcrowd’s Self-Serve ServiceNow Integration for Crowdcontrol

Finding heaps of vulnerabilities isn’t very useful without a way to action them. That’s why Bugcrowd isn’t just focused on finding more vulnerabilities, we’re focused on helping organizations resolve those findings, faster. Today we’re proud to announce the launch of another SDLC integration that further enable seamless handoff between Security and Development. Introducing: ServiceNow for

By Product Updates
Learn about Trends in Application Security in 2019Download
+