Platform Update: Image Embedding Live

At Bugcrowd, our researchers pride themselves on submitting well-written, detailed reports that allow customers to easily understand the impact of the vulnerability discovered. Today we’re taking a big step forward in this process and have updated the Bugcrowd Crowdcontrol platform to support image embedding in a researcher’s bug submission! Over the past year we increasingly

By Product Updates
New Platform Feature – Advanced Program Search

Today we are launching Advanced Program Search on the Programs list page, an expansive search feature that allows researchers to more easily surface programs that suit their interests. This feature leverages the tokenized search functionality that we have in other places in the app, such as a researcher’s Submissions page. Using 10+ filter keys, a

By Product Updates
Bugcrowd’s Self-Serve ServiceNow Integration for Crowdcontrol

Finding heaps of vulnerabilities isn’t very useful without a way to action them. That’s why Bugcrowd isn’t just focused on finding more vulnerabilities, we’re focused on helping organizations resolve those findings, faster. Today we’re proud to announce the launch of another SDLC integration that further enables seamless handoff between Security and Development. Introducing: ServiceNow for

By Product Updates
Bugcrowd’s Self-Serve GitHub Integration for Crowdcontrol

Surfacing high-value, critical vulnerabilities is the #1 biggest attractor for organizations considering crowdsourced security, according to the 2019 Bugcrowd CISO survey. However, the #1 most frequently cited barrier to doing more with those findings is the lack of integration between application security tools and application development tools. In other words, finding the stuff that’s broken

By Product Updates
Bugcrowd Releases Vulnerability Rating Taxonomy 1.6

Our most recent VRT Council led us through an interesting discussion, ultimately leading us to expedite the release of VRT 1.6. The release includes two major changes: revision to internal SSRF, and how we rate email spoofing, more specifically the baselines around SPF and DMARC. These changes are a direct result of how major email

By Product Updates
Bugcrowd’s VRT 1.5 Offers a Taxonomy Reflective of the Current AppSec Landscape

We are thrilled to announce the newest release of our Vulnerability Rating Taxonomy, VRT 1.5! Updates made in this release are largely attributable to insights collected from the broader security community. In 2017, we decided to accept outsourced feedback by releasing our VRT as an open-source tool through GitHub. Since then, we’ve received an overwhelming

By Product Updates, Program Management