By Michael Hamel Jun 9, 2021Improving Report Quality through Submission Editing by the Bugcrowd ASE Team Bugcrowd's Application Security Engineers now have the ability to edit submissions when triaging vulnerability reports. Just over a month ago we launched Draft Submissions & Autosave for researchers. This enhancement to the submission workflow provides a way for researchers to… Read More
By Bugcrowd Researcher Success Jun 8, 2021ZwinK’s Tips and Tricks to Crush Bug Bounty #2 Greetings fellow bounty hunters! If you are looking for tips, tricks, insights, or otherwise helpful information related to the wonderful world of bounty-hunting with Bugcrowd, I am almost, nearly practically certain that you have come to the right place! My… Read More
By Michael Hamel Jun 4, 2021Announcing our MVPs for Q1! As a platform, Bugcrowd has no limit to the amount of amazing researchers who work their butts off to squash some incredible bugs, but every once in a while a researcher comes along and reaches a level that we can’t… Read More
By Bugcrowd Researcher Success Jun 1, 2021ZwinK’s Tips and Tricks to Crush Bug Bounty #1 Greetings fellow bounty hunters! If you are looking for tips, tricks, insights, or otherwise helpful information related to the wonderful world of bounty-hunting with Bugcrowd you have come to the right place! My name is “ZwinK”, and I started bounty… Read More
By Andy White May 27, 2021How Bugcrowd sees Vulnerability Disclosure Programs and Points Starting June 1st at 17:00 Pacific Time (UTC-7), points on VDPs will be disabled. If you have already obtained points on VDPs, they will not disappear. Vulnerability Disclosure: It’s very important A vulnerability disclosure policy sets the rules of engagement… Read More
By Erica Azad May 26, 2021Vulnerability Disclosure Programs: Luxury or Necessity? Many organizations recognize the value and benefits of a Vulnerability Disclosure Program (VDP). But what are some of the consequences of not having a VDP? This infographic explores this question and examines if VDPs are a necessity or a luxury.… Read More
By Grant McCracken May 25, 2021Why You Can Trust The Crowd One of the most common questions we encounter in conversations around crowdsourced security programs is : “why would I invite researchers to hack my assets?”, “why should I trust the crowd?”, or some variant thereof. There are different permutations around… Read More
By Bugcrowd Product Marketing May 20, 2021Infographic: What are Vulnerabilities? Vulnerabilities are components of code that can be exploited to negatively impact the security of data, systems, people, or IP. According to ISO/IEC 29147:2018, a vulnerability is, "a behavior or set of conditions present in a system, product, component, or… Read More
By Bugcrowd Researcher Success May 13, 2021Expiring Invites – Program Invites Update Starting Monday, May 17th at 17:00 Pacific Time (UTC-7), unaccepted invites will now expire after 8 calendar days. At Bugcrowd, we place researchers first. When you receive an invitation, you’ve been able to sit idle on it and accept it… Read More
By Bugcrowd May 12, 2021Vulnerability Disclosure Policy: What is It & Why is it Important? A vulnerability disclosure policy sets the rules of engagement for an ethical hacker to identify and submit information on security vulnerabilities. Vulnerability disclosure policies establish the communications framework for the report of discovered security weaknesses and vulnerabilities. This enables all… Read More
