Posts by Abby Mulligan
We are consistently asked “How Do I Earn Private Program Invitations?”
Hands down, this is our most commonly asked question from members of our Crowd, so we want to take this opportunity to reemphasize the most important information to keep an eye on if you’re looking to get invited to a private program.
Since 2015, we have consistently used the following performance and activity markers (+ any required technical skills!) to choose our program participants. The criteria we continue to use to determine invites:
Jet.com takes security seriously. One of the first major retailers to launch a bug bounty program more than two years ago, Jet.com began with a private bug bounty program, harnessing a small, curated group of Bugcrowd researchers before launching its public program to the full crowd just four months later.
Last week we announced the categories for our 2nd Annual Buggy Awards which will award a select group of individuals and organizations in the bug bounty space. Today we’re pleased to announce the finalists in these categories in anticipation of the awards ceremony next week.
These finalists represent just a handful of organizations and individuals that make this economy so vibrant and we are thankful to the entire bug bounty community.
We are pleased to announce the categories for this year’s Buggy Awards. These awards represent a select group of individuals and organizations who have done fantastic work in the bug bounty space in the past year.
These awards highlight the achievements of top performing customers and researchers and serve as a reminder about what is essential to maintaining the health of the community as a whole.
There are many key performance indicators (KPIs) of a successful bug bounty program–some that matter more to program owners, and some that matter more to researchers. At bugcrowd we aim at aligning the importance of these KPIs between all involved parties to articulate better what is most helpful and valuable to each.
In this post, we will explore the ever important metric, response time. This value is a key factor in both maintaining a healthy and successful program, as well as keeping researchers engaged and involved. Communication, both in swiftness and effectiveness, is key to staying on the same page throughout the vulnerability reporting and review process. Our recent post regarding proper escalation paths when communication falls through is proof of that.