By Lauren Craigie, Oct 23, 2019
Bugcrowd Releases Vulnerability Rating Taxonomy 1.8 With New Indicators of Compromise
The Vulnerability Rating Taxonomy (VRT) is a living project that is continually updated thanks to contributions from the broader security community to our open-sourced GitHub repository. Today, Bugcrowd is thrilled to announce the culmination of these most recent efforts, VRT…
By Lauren Craigie, Oct 22, 2019
Bugcrowd Launches Crowd-Powered Attack Surface Management
The recent explosion of cloud and SaaS offerings from a cross-industry wave of digital transformation has made it harder than ever for organizations to accurately assess their entire attack surface. While asset discovery and management tools chip away at the…
By Lauren Craigie, Sep 12, 2019
Top Challenges for Crowdsourced Security Programs: Achieving Organizational Buy-in
“First priority vulnerability in under 24 hours.” “10x more high priority vulnerabilities than traditional testing.” “Annual impact of two full time resources in under a week.” The benefits of crowdsourced vulnerability discovery programs are compelling. But I’m sure if you’re…
By Lauren Craigie, Jun 26, 2019
Trust, Vulnerability, and Fighter Pilots: Key Takeaways from the Gartner Security and Risk Management Summit
Last week Bugcrowd attended Gartner's annual Security and Risk Management Summit in Washington, D.C. While I know what a city built on a swamp does to your hair, I'm still happy to return every June to catch up with analysts,…
By Lauren Craigie, May 14, 2019
Perspectives from FS-ISAC 2019
Last week we attended the Financial Services Information Sharing and Analysis Center (FS-ISAC) cybersecurity summit in Orlando, Florida. The event was a first for a few on our team but certainly not for many of the attendees we spoke to,…
By Lauren Craigie, Apr 16, 2019
Taking Back Pen Tests- From Requirement to Necessity
Is my stuff secure? At their core, penetration tests answer two critical questions: Is my stuff secure? How do you know? Q1 is pretty straightforward. If the answer is ‘no,’ then Q2 consists of a list of vulnerabilities discovered. But…
By Lauren Craigie, Mar 12, 2019
Bugcrowd’s Self-Serve ServiceNow Integration for Crowdcontrol
Finding heaps of vulnerabilities isn’t very useful without a way to action them. That’s why Bugcrowd isn’t just focused on finding more vulnerabilities, we’re focused on helping organizations resolve those findings, faster. Today we’re proud to announce the launch of…
By Lauren Craigie, Feb 20, 2019
Bugcrowd’s Self-Serve GitHub Integration for Crowdcontrol
Surfacing high-value, critical vulnerabilities is the #1 biggest attractor for organizations considering crowdsourced security, according to the 2019 Bugcrowd CISO survey. However, the #1 most frequently cited barrier to doing more with those findings, is the lack of integration between…
By Lauren Craigie, Jan 15, 2019
How do Development and Security work together? Don’t divide the work- unite priorities
#DevSecOps #SecDevOps #OpsSe.. you get it. InfoSec has a knack for transient buzzwords that imply the problem while teeing-up the solution. The prefix “NextGen” does this beautifully- ‘the legacy method is obsolete; this new thing is better.’ ‘SecDevOps’ is…