Today, we are excited to announce the winners of the 2019 Buggy Awards!

We know that the success of our business, and of the crowdsourced security space, depends on the hard work of our customers and researcher community. For this reason, we feel it’s important to recognize our community for the outstanding work they do. The Buggy Awards honor those who have gone above and beyond in their effort to make the internet a safer place.

Without further ado, here are the winners!

Top Program Awards

The Top Program Awards are awarded to companies that are truly committed to both the Bugcrowd researcher community and to running an outstanding bounty program. Finalists are selected based on a combination of platform program metrics as well as Researcher feedback and nominations.

Best Communication

In previous years, the Most Responsive Program award focused solely on the speed with which an organization responded to a triaged report. While taking action quickly is important, this year we also wanted to recognize Program Owners who have made a commitment to providing quality responses and ongoing engagement on the platform. As a result, this year we’ve changed the name of this award to Best Communication.

2019 Best Communication Award goes to Fiat Chrysler Automobiles


Researchers’ Choice

Throughout the year we survey our Crowd and ask them to nominate their favorite program (and tell us why it rocks!). While it is important to have a well-rounded program, the ultimate decider of success in this category is the Researcher community.

2019 Researchers’ Choice Award goes to Netflix

Congratulations Netflix!


Program of the Year

Program of the Year recognizes the incredible work that goes into creating a successful bounty program. Based on several variables including reward range, communication, scope breadth, and general participation, this award goes to the most well-rounded program managed by Bugcrowd.

2019 Program of the Year Award goes to Atlassian


Top Bug Hunter Awards

Our Bug Hunter Awards acknowledge Researchers for contributions of excellence. This ranges from positively impacting the wider security and Bugcrowd communities, as well as traditional recognition for exceptional individual work on bounty programs. Finalists are selected based on a combination of Researcher platform data metrics and nominations by the Bugcrowd Operations team.

Community Champion

The Community Champion category recognizes Researchers who positively influence the wider Bugcrowd community. These contributions may come in the form of being engagement on social media, contributing to the Bugcrowd GitHub VRT discussions, or by writing valuable reference materials for other Researchers. While these Researchers are all dedicated Crowd members who participate in many Bugcrowd programs, we value their incredible contributions to help level up the Bugcrowd community.

The 2019 Community Champion Award goes to codingo

The recognition motivates me to drive more community engagement. Without proper community initiative, the open source, and the collaborative security world of today would not exist. I am honored to receive this award.

I’ve had the pleasure of meeting a number of people behind Bugcrowd and always taken note of their passion for the industry and desire to give back. I have huge amounts of respect for Abi, @Samhouston, @Arcwhite, @klepas, @Jhaddix and others for their regular engagement within the security community at large, and believe that they’re doing great things for the security industry. — — codingo (Check out codingo on GitHub)

Ambassador Champion

Ambassador Champion recognizes Bugcrowd Ambassadors that have gone above and beyond to educate and spread the word of security testing. Not only do they work tirelessly to help others in the Bugcrowd community, but they’re also helping hackers in their community. This person embodies the spirit of Bugcrowd and its outreach initiatives.

The 2019 Ambassador Champion Award goes to plwylie


P1 Warrior

P1 Warrior recognizes Researchers who focus their attention on the most technically severe vulnerabilities, according to the Bugcrowd VRT. They consistently go above and beyond to provide detailed Proof of Concepts, in-depth written reports, and chained attacks.

The 2019 P1 Warrior Award goes to Mongo

Why do I bug hunt? The bounties are nice, along with the challenge of breaking things that other people have built. I’m glad that my efforts over the past year have been appreciated! — mongo

Rookie of the Year

The Rookie of the Year award is given in recognition of Researchers who joined the Crowd in 2018 and had the best rankings across the following categories for 2018: average technical severity, accuracy, and volume of valid and accepted submissions.

The 2019 Rookie of the Year Award goes to P3t3r_R4bb1t

I think Bugcrowd is much closer to its community and gives back a lot to the researchers. This is for me the most positive point. I think the company culture is more open than other platforms. The communication paths with the program owners (read the blocker feature) also is a big plus, especially when the triage team is not sure about a submission or if researchers have a question about the program.

This rookie of the year award confirmed in a certain way that I have the necessary skills to evolve and be successful in the various bug bounty programs. The award gave me the necessary motivation to continue my journey and step-up to the next level. — P3t3r_R4bb1t

Most Valuable Hacker

Our final award, the Most Valuable Hacker, is in recognition of veteran Researchers with the best-combined rankings across the following categories for 2018: average technical severity, accuracy, and volume of valid and accepted submissions.

The 2019 Most Valuable Hacker Award goes to mongo

What I like about working with Bugcrowd is that the VRT sets out standard priorities for the most common vulnerability types, aligning the expectations of researchers and program owners right from the start. Combined with Bugcrowd’s triage team, this means most interactions with programs go smoothly, which is quite important. — mongo

Congratulations to all of our finalists and year’s winners! 

  • Atlassian
  • Fiat Chrysler Automobiles
  • Indeed
  • Netflix
  • Outreach
  • Zappos
  • Abartan
  • anonymous_007
  • codingo
  • Coding_Karma
  • HackerHero
  • HagaiSason
  • Mert
  • mongo
  • Mrpeuch
  • picklepwns
  • plwylie
  • portswigger_research