Bugcrowd’s Self-Serve GitHub Integration for Crowdcontrol

Surfacing high-value, critical vulnerabilities is the #1 biggest attractor for organizations considering crowdsourced security, according to the 2019 Bugcrowd CISO survey. However, the #1 most frequently cited barrier to doing more with those findings, is the lack of integration between application security tools and application development tools. In other words, finding the stuff that’s broken

By Product Updates
Bugcrowd Releases Vulnerability Rating Taxonomy 1.6

Our most recent VRT Council led us through an interesting discussion, ultimately leading us to expedite the release of VRT 1.6. The release includes two major changes: revision to internal SSRF, and how we rate email spoofing, more specifically the baselines around SPF and DMARC. These changes are a direct result of how major email

By Product Updates
Bugcrowd’s VRT 1.5 Offers a Taxonomy Reflective of the Current AppSec Landscape

We are thrilled to announce the newest release of our Vulnerability Rating Taxonomy, VRT 1.5! Updates made in this release are largely contributed to insights collected from the broader security community. In 2017, we decided to accept outsourced feedback by releasing our VRT as an open-source tool through GitHub. Since then, we’ve received an overwhelming

By Product UpdatesProgram Management
Fix Vulnerabilities Faster With Bugcrowd’s New Remediation Advice

Today we are excited to announce Vulnerability Remediation Advice, our newest feature on Crowdcontrol™! With Vulnerability Remediation Advice, Development and Security can accelerate the remediation process, introducing secure coding methodologies that help educate development, improve code velocity and reduce risk. Vulnerability management is a security best practice, but true risk reduction only occurs when the

By Company ResourcesProduct Updates
New Feature: Email Intake — the latest disclosure channel available through Bugcrowd’s VDP

Today we are excited to announce the latest disclosure channel available through Bugcrowd’s Vulnerability Disclosure Program (VDP)  – Email Intake. It’s simple – any third party who wants to report a vulnerability can simply send an email to your organization via a security@ email address, and Crowdcontrol takes care of the rest. This feature expands

By Bugcrowd NewsProduct Updates
Demonstrate Continuous Security Testing with Bugcrowd’s New Program Report

We’re excited to announce our new Program Report, making it easier than ever to share vulnerability assessment data. This professional, “pentest-like” report communicates the right information to the right people and helps demonstrates continuous testing. Let continuous security enable your business to provide assurance to your customers by aligning to best practices. Continuous Security Testing

By Company ResourcesProduct Updates
Back by Popular Demand, Join us at Mayhem at the Mint on Tuesday, March 5th, 2019!Register Today
+