skip to Main Content
Bugcrowd is constantly looking for ways to improve the crowdsourced experience for program owners and researchers alike. Today’s feature release accomplishes both. While Bugcrowd offers full program management for all of our products and services, we also appreciate the value…
The Vulnerability Rating Taxonomy (VRT) is a living project that is continually updated thanks to contributions from the broader security community to our open-sourced GitHub repository. Today, Bugcrowd is thrilled to announce the culmination of these most recent efforts, VRT…
The recent explosion of cloud and SaaS offerings from a cross-industry wave of digital transformation has made it harder than ever for organizations to accurately assess their entire attack surface. While asset discovery and management tools chip away at the…
“First priority vulnerability in under 24 hours.” “10x more high priority vulnerabilities than traditional testing.” “Annual impact of two full time resources in under a week.” The benefits of crowdsourced vulnerability discovery programs are compelling. But I’m sure if you’re…
Last week Bugcrowd attended Gartner's annual Security and Risk Management Summit in Washington, D.C. While I know what a city built on a swamp does to your hair, I'm still happy to return every June to catch up with analysts,…
Last week we attended the Financial Services Information Sharing and Analysis Center (FS-ISAC) cybersecurity summit in Orlando, Florida. The event was a first for a few on our team but certainly not for many of the attendees we spoke to,…
Is my stuff secure? At their core, penetration tests answer two critical questions: Is my stuff secure? How do you know? Q1 is pretty straightforward. If the answer is ‘no,’ then Q2 consists of a list of vulnerabilities discovered. But…
Finding heaps of vulnerabilities isn’t very useful without a way to action them. That’s why Bugcrowd isn’t just focused on finding more vulnerabilities, we’re focused on helping organizations resolve those findings, faster. Today we’re proud to announce the launch of…
Surfacing high-value, critical vulnerabilities is the #1 biggest attractor for organizations considering crowdsourced security, according to the 2019 Bugcrowd CISO survey. However, the #1 most frequently cited barrier to doing more with those findings, is the lack of integration between…
#DevSecOps #SecDevOps #OpsSe.. you get it. InfoSec has a knack for transient buzzwords that imply the problem while teeing-up the solution. The prefix “NextGen” does this beautifully- ‘the legacy method is obsolete; this new thing is better.’ ‘SecDevOps’ is…
