By Luke Stephens, Feb 18, 2021. How to Find XXE Bugs: Severe, Missed and Misunderstood. Introduction: Every time I see an opportunity to attempt an External Entity Injection (XXE) attack I get excited. In my experience it has a high chance of success when compared to many other vulnerability types. Many of the XXE exploitation…
By Bugcrowd, Feb 16, 2021. Complete Guide to Pentesting. Penetration testing is a key cybersecurity best practice. Most organizations understand the need for it, but like many things in the industry, penetration testing can be a bit confusing. This blog covers penetration testing 101, helping to uncover the basics,…
By Luke Stephens, Feb 5, 2021. The 10 Most Common Bugs of 2021 So Far, and How to Find Them! We're a whole month into 2021 already - and what a month it has been! Something that I always find fascinating is keeping an eye on the most common bug classes that get submitted through our platform. I think that…
By Bugcrowd Product Marketing, Feb 5, 2021. Benefits of Penetration Testing. Penetration testing (or pentesting) is a critical part of maintaining and fortifying your IP, network, and physical security. It involves giving professional pen testers permission to hack, test, and identify potential vulnerabilities in existing and new systems, networks, and apps,…
By Breonna Burrell, Feb 1, 2021. Hack Your Career! Introducing the Bugcrowd Scholar Program. With so many avenues to explore in the Information Security community alone, taking the next step in your career can be a daunting task without the right guidance and support. Whether you’re just getting started in the Crowd or looking…
By Erica Azad, Jan 28, 2021. 10 Ways to Save with Bug Bounty. Bug bounties are a pay-for-results approach to proactive security testing designed to maximize discovery of high-impact vulnerabilities. Through managed bug bounty programs, organizations are given access to thousands of highly skilled and thoroughly vetted security researchers ready to help organizations…
By Bugcrowd, Jan 26, 2021. 2020 Bugcrowd Product Highlights. The Bugcrowd platform continued to evolve on our three key priorities to integrate better with your security workflows, provide security expertise on-demand, and personalize your user experience. Here’s a review of the platform capabilities that we built in 2020. Security…
By Lauren Craigie, Jan 20, 2021. Top Challenges of Traditional Pen Tests. Penetration testing (or pen testing) has become common practice for vulnerability assessment over the past decade. There are several reasons why people do pen tests. Identifying risky vulnerabilities for developers to address is great practice for risk reduction. That being…
By Grant McCracken, Jan 10, 2021. All You Need to Know About Bug Bounty Testing Environments. If you’re looking to set up a bug bounty program, we've already covered step zero, setting your scope, and the importance of focus areas, as well as some considerations to make around exclusions on your program. For those of you…
By Breonna Burrell, Dec 17, 2020. You’ve Got Mail! – Receiving Bugcrowd Private Program Invites. Understanding and building trust with the researcher community is a fundamental part of the program invite process here at Bugcrowd. The more you share with us about yourself and your skills, the faster we can get you on the right…