By Bugcrowd Product Marketing, May 20, 2021
Infographic: What are Vulnerabilities?
Vulnerabilities are components of code that can be exploited to negatively impact the security of data, systems, people, or IP. According to ISO/IEC 29147:2018, a vulnerability is, "a behavior or set of conditions present in a system, product, component, or…

By Bugcrowd Product Marketing, Mar 9, 2021
How Does a Bug Bounty Fit into my SDLC?
“How does a bug bounty fit into my SDLC?” This is a question we hear all the time. While the obvious answer is that it can augment or replace much of your current manual and automated testing, the actual answer is simpler; “bug bounties fit into and support your SDLC each step of the way.”

By Bugcrowd Product Marketing, Feb 5, 2021
Benefits of Penetration Testing
Penetration testing (or pentesting) is a critical part of maintaining and fortifying your IP, network, and physical security. It involves giving professional pen testers permission to hack, test, and identify potential vulnerabilities in existing and new systems, networks, and apps,…

By Bugcrowd Product Marketing, Jan 20, 2021
Top Challenges of Traditional Pen Tests
Penetration testing (or pen testing) has become common practice for vulnerability assessment over the past decade. There are several reasons why people do pen tests. Identifying risky vulnerabilities for developers to address is great practice for risk reduction. That being…

By Bugcrowd Product Marketing, Dec 3, 2020
What’s a Vulnerability Disclosure Program?
In the past year, the U.S. Federal Trade Commission (FTC) and Department of Justice (DOJ) have released guidance outlining the need for vulnerability disclosure programs (VDP). With support from major legislative bodies like the National Institute of Standards and Technology,…

By Bugcrowd Product Marketing, Oct 7, 2020
Reducing Noise in Crowdsourced Security
More people → more coverage → more vulnerabilities. While the crowdsourced model provides a plethora of benefits, it’s tough to deny one of the core reasons many choose it. A larger pool of pay-per-finding security researchers are more likely to…

By Bugcrowd Product Marketing, Sep 23, 2020
Can the Crowd Handle Network Pen Testing?
Advances in firewalls and cloud security providers have greatly reduced risk to network infrastructure. But these advances have only served to deter low-level threats, while failing to combat complex risk from highly skilled malicious attackers. Modern penetration testing can help,…

By Bugcrowd Product Marketing, Sep 15, 2020
5 Things to Ask Your Web App Pen Test Provider
If you’re more than 3 minutes into your search for a Web Application Pen Test, you’ve probably already realized there are thousands of available options. In Google-ing I was immediately served, “Pen Testing-- $999-- Call Now!” V Compelling. Much Marketing.…

By Bugcrowd Product Marketing, Aug 20, 2020
4 Things To Consider Before Your Next M&A
The due diligence portion of an M&A is lengthy and complex, yet security teams are often given just a few weeks to perform a full risk analysis before final terms are agreed. That’s very little time to source, activate, and…

By Bugcrowd Product Marketing, Aug 19, 2020
Introducing Bugcrowd M&A Assessment
The final mile for many Merger and Acquisition events is the security assessment. Once the acquiring party believes the business case is sound, the security team swings in for a final nod of approval. With little time to spare, security…