By Lauren Craigie Sep 15, 20205 Things to Ask Your Web App Pen Test Provider If you’re more than 3 minutes into your search for a Web Application Pen Test, you’ve probably already realized there are thousands of available options. In Google-ing I was immediately served, “Pen Testing-- $999-- Call Now!” V Compelling. Much Marketing.… Read More
By Lauren Craigie Aug 20, 20204 Things To Consider Before Your Next M&A The due diligence portion of an M&A is lengthy and complex, yet security teams are often given just a few weeks to perform a full risk analysis before final terms are agreed. That’s very little time to source, activate, and… Read More
By Lauren Craigie Aug 19, 2020Introducing Bugcrowd M&A Assessment The final mile for many Merger and Acquisition events is the security assessment. Once the acquiring party believes the business case is sound, the security team swings in for a final nod of approval. With little time to spare, security… Read More
By Lauren Craigie Aug 13, 2020Ultimate Guide to Vulnerability Disclosure: Report Recap Vulnerability Disclosure Programs (VDPs) help organizations reduce risk across publicly-accessible assets by relying on the voluntary contributions of end-users, customers, and good-faith security researchers. But many organizations still have questions about how (and why) they should incorporate these programs into… Read More
By Lauren Craigie Jul 10, 2020Vulnerability Disclosure Programs: 7 Reasons Why CEOs Need Them Too Have you ever had a vendor claim to reduce attacks against your business? Unless they’re running some sort of protection racket, “reducing attacks” isn’t really possible. What they might mean is that they’ll help you avoid negative consequences from the… Read More
By Lauren Craigie Jun 30, 2020Bug Bounty & Pen Test: How to Choose, and When to Combine Bugcrowd launched Next Gen Pen Test, the first product in our Pen Test portfolio, in November of 2018. Since then, “The Difference Between Bug Bounty and Next Gen Pen Test” has remained one of our most popular blogs. Maybe not… Read More
By Lauren Craigie Jun 10, 2020Bugcrowd Releases Vulnerability Rating Taxonomy 1.9 with More Classifications for Credential Exposure The Vulnerability Rating Taxonomy (VRT) is a living project that is continually updated thanks to contributions from the broader security community to our open-sourced GitHub repository. Today, Bugcrowd is thrilled to announce the culmination of these most recent efforts, VRT… Read More
By Lauren Craigie May 27, 20202020 Remote Work Survey: How Security Leaders Are Responding to More Threats, With Less Budget Shelter-in-Place orders launched many organizations into fully-remote operating models, without precedence or a playbook for doing so both quickly and securely. In fact, according to a recent Bugcrowd survey, 74% of security leaders at organizations that weren’t already remote-first reported… Read More
By Lauren Craigie May 13, 2020Building the Business Case for Attack Surface Management Note: This is part 5 of a 5-part series in which we examine a smarter approach to attack surface management. Catch up on last week’s post first. I love the term “attack surface management.” So much so that that’s what we… Read More
By Lauren Craigie Apr 28, 2020Bugcrowd Launches Project-Based Pen Testing for Rapid Deployment and Real-Time Results Pen testing sure ain’t what it used to be. Or rather, what it was meant to be all along. Human-driven attack simulation was once considered the best way to approximate real risk for a given system. But the realities of… Read More
