Process For Launching Your Crowdsourced Security Program

Running a successful bug bounty program starts far before the actual program launch date, and is a continuous and iterative process of improving and growing over time. The workflow and lifecycle of a managed bug bounty program can typically be broken down into the following five parts: scoping, implementation, identification of findings, remediation of issues,

By Program Management
Bugcrowd Releases Vulnerability Rating Taxonomy 1.7 With New Automotive Security Misconfiguration

We are always updating our Vulnerability Rating Taxonomy (VRT), integrating our learnings into each version update. We are thrilled to announce our latest release, VRT 1.7, in response to our community’s ongoing feedback through our open-sourced GitHub repository. Security misconfiguration can stem from a very simple error, but at the same time can lead to

By Company Resources, Program Management
Managing Your Crowdsourced Security Program for Success

A growing number of organizations across various industry sectors are adopting crowdsourced security, making it clear that this model is no longer just the future of cybersecurity – it is the here and now. Crowdsourced security is driving organizations to become more productive – and even creative – with their security programs. But if you’re

By Program Management
3 Reasons Why Every Company Should Have a VDP

Too often we see security researchers, whitehat hackers, IT leaders, academics, and journalists reach out to organizations after discovering a vulnerability, only to find that there is no obvious channel to receive such a report. With hundreds of vulnerabilities found daily, it’s crucial to provide an obvious and easy way for external parties to report these

By Program Management, Thought Leadership
Streamlining Your AppSec with Bugcrowd & Jira

Building in security testing as part of continuous integration is emerging as an essential requirement in today’s DevOps world. Making this decision from the start enables those responsible for development and operations to make informed decisions about feature architecture, design, and implementation with full consideration given to necessary security requirements. To do this, fluid communication

By Program Management
Bugcrowd’s VRT 1.5 Offers a Taxonomy Reflective of the Current AppSec Landscape

We are thrilled to announce the newest release of our Vulnerability Rating Taxonomy, VRT 1.5! Updates made in this release are largely attributed to insights collected from the broader security community. In 2017, we decided to accept outsourced feedback by releasing our VRT as an open-source tool through GitHub. Since then, we’ve received an overwhelming

By Product Updates, Program Management