skip to Main Content
This website use cookies which are necessary to its functioning and required to achieve the purposes illustrated in the privacy policy. To learn more or withdraw consent please click on Learn More. By continued use of this website you are consenting to our use of cookies.

Posts by Casey Ellis

Bigger Bugs Drive Higher Payouts to the Crowd

Today, we’re very happy to announce the launch of Bugcrowd’s 2018 State of Bug Bounty Report! Now in its fourth year, the Bugcrowd State of Bug Bounty Report provides an unparalleled, inside look into the trends across the emerging crowdsourced…

Read More

Defining Intent in the Crowdsourced Security Model

Over the past few months, the widespread popularity and adoption of bug bounties and vulnerability disclosure have grabbed headlines. This rapid adoption paired with recent incidents has hastened the need to make sure things are defined clearly—specifically, the difference between…

Read More

Spectre & Meltdown: Quick Fact Sheet

Several recently-published research articles have demonstrated a new class of timing attacks (Meltdown and Spectre) that work on modern CPUs. Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and ARM. For…

Read More

Secret Program to Offer Rewards up to $250K

At Bugcrowd, we’ve long said that managed bug bounty programs allow organizations of any size or stage of security maturity to realize the benefits of a bug bounty program. This is why we’ve provided managed programs from day one and…

Read More

3,2,1… BSidesLV, Black Hat and DEF CON 2017 Wrap Up

BSidesLV, Black Hat and DEF CON week is “that time of year” in the security industry; when hackers, suits, feds and anyone else interested in our craft descend on Las Vegas. The goal? To teach, demonstrate, learn, connect, and enjoy the company of fellow members of the village.

Read More

Another Milestone in the Evolution of Bugcrowd

As a founder there is nothing better than watching the company I started grow and evolve. In the four and a half years I’ve watched Bugcrowd grow by leaps and bounds – the team has grown threefold in the past year alone. While our guiding principles, core values, and vision of the future of cybersecurity remain unchanged, today we have evolved as an organization. To use a much-used term from the early aughts, we are now very much Bugcrowd 2.0, and I’m proud to announce a brand-new website that reflects just that. 

Read More

Ongoing coverage of wide-scale ransom attack in progress: How to protect Internet-facing data stores

[Update] Active attacks now include: MongoDB, Elasticsearch and Hadoop.

Two weeks ago the Internet was hit with the first in what has become a frightening trend of ransom attacks. This first attack affected fewer than 200 MongoDB installations and for the most part flew under the radar given the meager sum requested by the attacker (0.2 Bitcoins). However, this attack marked a significant shift in ransom attack model and just two weeks later we’re seeing a major escalation of this model and its impact.

Read More
Back To Top