By Lauren Craigie May 13, 2020Building the Business Case for Attack Surface Management Note: This is part 5 of a 5-part series in which we examine a smarter approach to attack surface management. Catch up on last week’s post first. I love the term “attack surface management.” So much so that that’s what we… Read More
By Lauren Craigie Apr 28, 2020Bugcrowd Launches Project-Based Pen Testing for Rapid Deployment and Real-Time Results Pen testing sure ain’t what it used to be. Or rather, what it was meant to be all along. Human-driven attack simulation was once considered the best way to approximate real risk for a given system. But the realities of… Read More
By Lauren Craigie Apr 21, 20207 Things Traditional Pen Testing Promised Why do we perform security testing? Lots of reasons- like ensuring we take steps to protect data, avoid downtime, promote transparency, and the list goes on. But why pen test, in particular? If we assume, for the purposes of this… Read More
By Lauren Craigie Apr 7, 20205 Reasons Why Attack Surface Scanners Aren’t Enough Inside-out: How organizations typically defend their digital ecosystem. Outside-in: How attackers actually operate. In other words, while organizations work to secure priority assets, attackers are more focused on whatever fell off the radar. Unknown or un-prioritized assets become ticking time-bombs… Read More
By Lauren Craigie Mar 30, 20205 Things We Learned from the 5 Mins to 50% More Attack Surface Webinar Note: This blog is a recap of our latest webinar, “5 Minutes to 50% More Attack Surface” You can access the full recording here. It’s 11pm. Do you know where your assets are? Do your attackers? In our latest webinar,… Read More
By Lauren Craigie Feb 24, 2020Bugcrowd at RSA2020: Reduce Time to Value With Auto-Join Programs, Enhanced Skill Matching, API Extensions, and More Attack surface and motivated attackers are both increasing, and organizations are often left to decide whether more humans (when available), or more technology (when affordable) will alleviate their growing coverage crisis. This year, the theme of RSA is, “Human Element.”… Read More
By Lauren Craigie Dec 16, 2019Bugcrowd Launches CrowdStream and In-Platform Coordinated Disclosure Security is a team sport. The information held by fellow security practitioners and researchers has the power to affect how and when we respond to adversarial threats. The sooner this information can be shared, the sooner it can be actioned… Read More
By Lauren Craigie Dec 2, 2019Bugcrowd Connects to SOAR Space with IBM Resilient Integration Bugcrowd helps organizations get ahead of cyber threats by enabling security teams to find and quickly remediate critical vulnerabilities. But we also know that the value of vulnerability data extends beyond the individual patch. In aggregate, this information can often… Read More
By Lauren Craigie Nov 20, 2019Bugcrowd Adds Asset Inventory to Attack Surface Management For more than seven years, organizations around the world have trusted Bugcrowd to help identify more than 300,000 vulnerabilities in their known IT ecosystems. But with the average organization tracking less than 40% of their total internet-facing footprint, and more… Read More
By Lauren Craigie Oct 24, 2019Bugcrowd Introduces Self-Serve Program Announcements Bugcrowd is constantly looking for ways to improve the crowdsourced experience for program owners and researchers alike. Today’s feature release accomplishes both. While Bugcrowd offers full program management for all of our products and services, we also appreciate the value… Read More
