Bugcrowd Releases Vulnerability Rating Taxonomy 1.6

Our most recent VRT Council led us through an interesting discussion, ultimately leading us to expedite the release of VRT 1.6. The release includes two major changes: revision to internal SSRF, and how we rate email spoofing, more specifically the baselines around SPF and DMARC. These changes are a direct result of how major email

By Product Updates
Bugcrowd’s VRT 1.5 Offers a Taxonomy Reflective of the Current AppSec Landscape

We are thrilled to announce the newest release of our Vulnerability Rating Taxonomy, VRT 1.5! Updates made in this release are largely attributed to insights collected from the broader security community. In 2017, we decided to accept outsourced feedback by releasing our VRT as an open-source tool through GitHub. Since then, we’ve received an overwhelming

By Product Updates, Program Management
Fix Vulnerabilities Faster With Bugcrowd’s New Remediation Advice

Today we are excited to announce Vulnerability Remediation Advice, our newest feature on Crowdcontrol™! With Vulnerability Remediation Advice, Development and Security can accelerate the remediation process, introducing secure coding methodologies that help educate development, improve code velocity and reduce risk. Vulnerability management is a security best practice, but true risk reduction only occurs when the

By Company Resources, Product Updates
New Feature: Email Intake — the latest disclosure channel available through Bugcrowd’s VDP

Today we are excited to announce the latest disclosure channel available through Bugcrowd’s Vulnerability Disclosure Program (VDP) – Email Intake. It’s simple – any third party who wants to report a vulnerability can simply send an email to your organization via a security@ email address, and Crowdcontrol takes care of the rest. This feature expands

By Bugcrowd News, Product Updates
Demonstrate Continuous Security Testing with Bugcrowd’s New Program Report

We’re excited to announce our new Program Report, making it easier than ever to share vulnerability assessment data. This professional, “pentest-like” report communicates the right information to the right people and helps demonstrate continuous testing. Let continuous security enable your business to provide assurance to your customers by aligning to best practices. Continuous Security Testing

By Company Resources, Product Updates
Bugcrowd Releases Vulnerability Rating Taxonomy 1.4

We are constantly iterating our Vulnerability Rating Taxonomy (VRT), incorporating our learnings into each version update. We are thrilled about our newest release, VRT 1.4, as we received an abundance of constructive feedback through our open-sourced GitHub repository. The upcoming release of our VRT 1.4 includes: Added new entries that address missing, but commonly reported

By Product Updates