Posts by Lauren Craigie

Top Challenges of Traditional Pen Tests

Penetration testing (or pen testing) has become common practice for vulnerability assessment over the past decade. There are several reasons why people do pen tests. Identifying risky vulnerabilities for developers to address is great practice for risk reduction. That being…

Reducing Noise in Crowdsourced Security

More people → more coverage → more vulnerabilities. While the crowdsourced model provides a plethora of benefits, it’s tough to deny one of the core reasons many choose it. A larger pool of pay-per-finding security researchers is more likely to…

Can the Crowd Handle Network Pen Testing?

Advances in firewalls and cloud security providers have greatly reduced risk to network infrastructure. But these advances have only served to deter low-level threats, while failing to combat complex risk from highly skilled malicious attackers. Modern penetration testing can help,…

5 Things to Ask Your Web App Pen Test Provider

If you’re more than 3 minutes into your search for a Web Application Pen Test, you’ve probably already realized there are thousands of available options. In Google-ing I was immediately served, “Pen Testing--  $999-- Call Now!” V Compelling. Much Marketing.…

Introducing Bugcrowd M&A Assessment

The final mile for many Merger and Acquisition events is the security assessment. Once the acquiring party believes the business case is sound, the security team swings in for a final nod of approval. With little time to spare, security…

Ultimate Guide to Vulnerability Disclosure: Report Recap

Vulnerability Disclosure Programs (VDPs) help organizations reduce risk across publicly-accessible assets by relying on the voluntary contributions of end-users, customers, and good-faith security researchers. But many organizations still have questions about how (and why) they should incorporate these programs into…
