Today, we are excited to announce the availability of our 2017 Winter Product release. This latest release streamlines how organizations manage their bug bounty programs by adding several cutting-edge features to the Crowdcontrol™ platform. These new features promise to simplify integration by allowing information to pass seamlessly between Bugcrowd and customer environments, deliver a complete unified picture of overall security status, and improve the experience for both our customers and our researchers.

This release is structured around three core Crowdcontrol capabilities:

  • Integrative Workflow
  • Insightful Reporting
  • Researcher Enablement

Integrative Workflow

Streamline the integration of bug bounty solutions into your application workflow through API, custom fields, and role-based access.


  • API:

We understand that organizations rely on metrics and additional applications to manage their vulnerability management process. To address the need for a more integrated workflow, we have introduced a new bi-directional API that allows customers access raw report data and utilize a powerful query interface outside the Crowdcontrol platform.

  • Custom Fields:

The custom fields feature can be used to align the bug bounty management process with existing application security and development workflows. Allows customers to tag and categorize submissions to fit seamlessly into internal processes.

  • Program Specific Role-Based Access:

Our latest update to Crowdcontrol’s role-based access functionality addresses the needs to partition team roles between programs. Now, customers can ensure team members across the organization are focused on the programs and responsibilities that are most applicable to their job.


Insightful Reporting

Delivering program optimization and improved program understanding through our On-Demand program report.



On-Demand Program Report:

We understand that our customers not only need a well-organized report with valuable quantitative data, but also one that meets compliance needs. That is why our updated On-Demand bug bounty report now looks and feels more like a standard penetration test report. The revision of this report is the first step to providing our customers with a fully compliant point-in-time application security test.

Researcher Enablement

Enhancing the researcher experience through streamlined vulnerability communication and an additional payout method.


  • Enhanced Submission Form

Researcher enablement is incredibly important to us at Bugcrowd and we are constantly looking for new ways to make it better and easier to submit bugs and ultimately get paid. In this release we’ve updated our submission form, making it easier for researchers to format the essential details of a vulnerability and identify the affected target.

  • Payoneer

We’ve also added another way for researchers to get paid: Payoneer. Payoneer offers its customers the ability to receive payments through a direct bank account transfer or a prepaid credit card.

For further insight into these newly released Crowdcontrol features, take a look at our 2017 Winter Release Notes.