Bugcrowd’s VRT 1.5 Offers a Taxonomy Reflective of the Current AppSec Landscape

We are thrilled to announce the newest release of our Vulnerability Rating Taxonomy, VRT 1.5! Updates made in this release are largely contributed to insights collected from the broader security community. In 2017, we decided to accept outsourced feedback by releasing our VRT as an open-source tool through GitHub. Since then, we’ve received an overwhelming

By Product UpdatesProgram Management
Fix Vulnerabilities Faster With Bugcrowd’s New Remediation Advice

Today we are excited to announce Vulnerability Remediation Advice, our newest feature on Crowdcontrol™! With Vulnerability Remediation Advice, Development and Security can accelerate the remediation process, introducing secure coding methodologies that help educate development, improve code velocity and reduce risk. Vulnerability management is a security best practice, but true risk reduction only occurs when the

By Company ResourcesProduct Updates
New Feature: Email Intake — the latest disclosure channel available through Bugcrowd’s VDP

Today we are excited to announce the latest disclosure channel available through Bugcrowd’s Vulnerability Disclosure Program (VDP)  – Email Intake. It’s simple – any third party who wants to report a vulnerability can simply send an email to your organization via a security@ email address, and Crowdcontrol takes care of the rest. This feature expands

By Bugcrowd NewsProduct Updates
Demonstrate Continuous Security Testing with Bugcrowd’s New Program Report

We’re excited to announce our new Program Report, making it easier than ever to share vulnerability assessment data. This professional, “pentest-like” report communicates the right information to the right people and helps demonstrates continuous testing. Let continuous security enable your business to provide assurance to your customers by aligning to best practices. Continuous Security Testing

By Company ResourcesProduct Updates
Bugcrowd Releases Vulnerability Rating Taxonomy 1.4

We are constantly iterating our Vulnerability Rating Taxonomy (VRT), incorporating our learnings into each version update. We are thrilled about our newest release, VRT 1.4, as we received an abundance of constructive feedback through our open-sourced GitHub repository. The upcoming release of our VRT 1.4 includes: Added new entries that address missing, but commonly reported

By Product Updates
Prioritizing Risk Using Researcher Submissions

Historically, vulnerability management programs have focused exclusively on vulnerabilities from automated tools; however, the success of any vulnerability management program relies on its ability to automatically consolidate vulnerability data and prioritize the remediation of each risk. Vulnerabilities discovered by a community of researchers significantly expand the visibility of an organization’s security risks and should always

By Product Updates
New Feature: Known Issue Sharing Increases Program Visibility to Heighten the Focus of Crowdsourced Security Testing

We are excited to announce that organizations can now increase the visibility into their program with known issue sharing. Sharing known issues will disclose categories of vulnerabilities, based on Bugcrowd’s Vulnerability Rating Taxonomy (VRT), that have been discovered on a specific target to better direct a researcher’s testing efforts towards low-touch targets and less commonly

By Product Updates