Open Source: It’s turtles all the way down.

Open source is an amazing model and tool, and it’s not a stretch to say that open source is in many ways responsible for the rapid acceleration of technology over the last 20 years. The Linux Foundation recently surveyed and found that almost every organization today uses open source code. CTO of the Cloud Native

October 2018 Hall of Fame

Bugcrowd is excited to announce our October 2018 Hall of Fame winners! But before we announce our October winners, business first: We are aware that the newest leaderboards released in October are displaying total points that may not currently match the total points displayed in your Researcher dashboard. We are actively investigating this issue and working

By Winner's Circle
Researcher Spotlight – Phillip Wylie Ambassador

With the recent launch of the Bugcrowd Ambassador program, we will share stories from our global hacker community. This week we’re putting the Spotlight on Phillip Wylie, a Bugcrowd Ambassador in Texas, USA. Follow Phillip on Twitter @PhillipWylie. Phillip has a great passion for teaching and mentoring others, leading him to his latest effort: The

By Researcher Spotlight
[Guest Post] The next era of Bug Bounty at Pinterest

This article originally appeared on Pinterest’s engineering blog, written by Devin Lundberg, Pinterest Tech Lead, Product Security. When a security researcher discovers a bug in a piece of software, the responsible thing to do is inform the company so they can fix it. And so platforms like Pinterest need to provide clear and actionable programs,

By Program Launches
Spotlight: Web Vulnerabilities

I’m often asked about the biggest bugs we see come in through the platform. It’s a natural question to ask, as big vulnerabilities elicit ideas of big headline grabbing breaches that affect millions of consumers. In reality, the vulnerabilities that lead to these big breaches are often much more naissant. And the real answer to

By Cybersecurity News, Vulnerabilities
Bugcrowd Releases Vulnerability Rating Taxonomy 1.6

Our most recent VRT Council led us through an interesting discussion, ultimately leading us to expedite the release of VRT 1.6. The release includes two major changes: revision to internal SSRF, and how we rate email spoofing, more specifically the baselines around SPF and DMARC. These changes are a direct result of how major email

By Product Updates