The midterms are just a month away. No matter your political leanings, there is one topic that should be on the minds of not only every American citizen, but everyone around the world: election hacking. Where we stand right now,…
Last week, the House voted to approve H.R. 6735, a bill that directs the Homeland Security Secretary to establish a vulnerability disclosure policy for the agency’s websites. This was a swift decision -- The House Homeland Security Committee advanced this…
Today the White House rolled out its long awaited National Cybersecurity Strategy. It was very exciting - but also a little unsurprising - to see crowdsourced security front and center as one of the few named solutions: The United States…
This blog post originally appeared on Casey's Medium blog. 6 years ago today I got off a plane armed with a bunch of notes. I’d spent a week meeting with pen-testing customers in Melbourne, and I’d been talking to them…
If you do a Google Image Search against the word hacker, you’ll get images of scary-looking balaclava-clad cybercriminals hunched over a quintessentially green computer terminal. They’re up to no good… Stealing your data, crashing critical systems, or causing general Internet…
Today, we’re very happy to announce the launch of Bugcrowd’s 2018 State of Bug Bounty Report! Now in its fourth year, the Bugcrowd State of Bug Bounty Report provides an unparalleled, inside look into the trends across the emerging crowdsourced…
Over the past few months, the widespread popularity and adoption of bug bounties and vulnerability disclosure have grabbed headlines. This rapid adoption paired with recent incidents have hastened the need to make sure things are defined clearly—specifically, the difference between…
Earlier this month, the National Institute of Standard and Technology’s (NIST) cybersecurity framework released a revision (1.1, Draft 2) of its Framework for Improving Critical Infrastructure Cybersecurity. The new release now includes vulnerability disclosure processes as part of the Framework Core…
Several recently-published research articles have demonstrated a new class of timing attacks (Meltdown and Spectre) that work on modern CPUs. Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and ARM. For…
Bugcrowd is excited and very pleased to announce the appointment of Ashish Gupta as our new Chief Executive Officer. With this addition, I’ll be transitioning to Chairman of the Board and Chief Technology Officer.
