2019 will be an interesting year. Security leaders have a daunting task: quickly identifying where their vulnerabilities are and how to fix them…before it’s too late. The risks are there and with more complex systems, security will be more difficult than ever.

Virtual Environments

Physical security is typically integrated on the perimeter of a
Penetration testing has become common practice for vulnerability assessment over the past decade. There are several reasons why people do pentests. Identifying risky vulnerabilities for developers to address is great practice for risk reduction. That being said, many times the reasons to commission pentests are regulatory compliance, customer expectation, or contractual requirements — just to
Bugcrowd takes its founding role in the crowdsourced security market very seriously. We believe that it’s our responsibility to keep on top of the needs of our customers and the Crowd. As a team, we’re borderline obsessive about taking and incorporating feedback – iterating and improving to ensure success for both parties in this incredibly
Michael Jordan once said, “Champions are made, not born.” There exist many variants of this saying, by many different people. The saying speaks to the fact that hard work, determination, and never giving up are the main ingredients for success. I am lucky to work with many champions at Bugcrowd. But the true champions are
As a security company, our customers expect us to have a mature, world-class security program. Their data is sensitive, and they expect the companies that store it on their behalf to have the best security measures in place to keep it secure. At Bugcrowd, we’re constantly updating our security, and each step we take
As we saw in 2017, the number of data breaches and cyber-attacks is not slowing down. What’s more, security leaders are still focused on finding and investing in defensive tools to combat cybercrime. And yet adversaries are getting more innovative and outpacing what those tools are able to defend against. We no longer live in a
We hit a big milestone for Bugcrowd today. We are excited to announce we’re ISO 27001 certified! ISO 27001 is one of the most widely recognized and internationally accepted information security standards. It’s one of the few standards that uses a top-down, risk-based approach to evaluation. It identifies requirements and specifications for a comprehensive Information Security
The bug bounty market is growing quickly. While an increasing number of organizations are embracing the concept, there still remains some confusion and ambiguity around paying hackers for vulnerabilities. Events like the recently disclosed Uber breach illustrate this confusion. I’ll take this opportunity to clarify and define this rapidly evolving market.
Last week, we released our second annual Inside the Mind of a Hacker 2.0 report. We dove into different hacker profiles, their motivations for hacking, and the impact building a relationship has on a successful bug bounty program. We found lots of interesting stats on our bug hunting community, both expected and surprising.