How is it 2020 already? We're in the last month of the decade, and the year that has long held a “futurist bookmark” in people’s minds is now upon us. We may not have hoverboards and flying cars yet, but…
In 2012, Bugcrowd set out to create a radical cybersecurity advantage and level the playing field between attackers and defenders. As one of the first steps on that journey, seven years ago today, we launched our first "Proof of Concept"…
A few weeks ago I was tagged by Art Manion of the CERT Coordination Center (CERT/CC) in a tweet asking about Bugcrowd’s approach to disclosure policy defaults. The short version of the thread was concern around a statement in our…
If you’re reading this article, statistically speaking your organization might be getting hacked. In the private sector, the Equifax hack and Intel’s processor vulnerabilities took the mainstream media by storm. And over the past year, data breaches of U.S. government networks, once novel, have…
Yesterday news broke that a bug in FaceTime that allows callers to listen to the audio of the person they are calling before that person picks up. Today we learned that it was a high school student in Tucson, Arizona…
Since 2013, Bugcrowd has maintained “The List” -- a directory of public bug bounty and vulnerability disclosure programs. What started out as a crowdsourced blog post, has evolved to become the defacto resource for people looking for bug bounty and…
Today Marriott announced the company’s Starwood reservations database had been breached and the personal information of 500 million guests stolen. The Washington Post reports that Marriott first learned that an unauthorized party had access to its systems on Sept. 8,…
Open source is an amazing model and tool, and it’s not a stretch to say that open source is in many ways responsible for the rapid acceleration of technology over the last 20 years. The Linux Foundation recently surveyed and…
This weekend’s news that Georgia’s voter registration system has been likened to “an open bank safe door” paints a bleak picture of the state of election security as we enter the midterm’s final day. According to Who.What.Why.: "A series of…
As is the case with many things, this post is the product of being bored on a long flight with Internet access. I made a deliberately vague but provocative Twitter poll, which subsequently blew up and spawned an amazing list…
