It’s a notable week for Bugcrowd: we are all incredibly proud to be celebrating our 10th anniversary and sharing our journey with you. “Never could I have imagined in 2012 what we would achieve and just how much we have grown, on so many levels,” said our founder Casey Ellis. Growing as a team and in reputation as the leader in crowdsourced cybersecurity is really inspiring, especially when considering that over 90% of businesses fail within the first ten years!

While it has undoubtedly been hard work, we are grateful for the dedication of our employees and for the encouragement and support from our customers, researchers, and partners. 

The Napkin Moment

On September 1, 2012, during a flight from Melbourne to Sydney, a series of ideas our founder had been working on for a year or more coalesced with a series of conversations he’d just had about the then embryonic trend of “bug bounty programs” starting to form in the Silicon Valley . . . the lightbulb went off, and Bugcrowd was born.

The idea itself was simple: Build a platform which connects the latent potential of those who hack in good-faith around the world with as much of the global cybersecurity problem as possible, and in doing so provide customers with an army of allies to compete with and outsmart the growing army of adversaries. 

In 2012 cybersecurity wasn’t a C-suite priority in the way it is today. Most of the strategy in keeping an organization’s attack surface secure was reactive in nature—a response to a failure of some sort that led to a breach, ransomware, or cyber attack. Hackers and hacking were a niche and almost completely misunderstood subculture, and the bounty hunter community barely existed. Times are very different now. Today’s threat landscape demands a proactive approach to cybersecurity—and only the Bugcrowd Security Knowledge Platform™ combines data, technology, and the ingenuity of the global security researcher community to expose blind spots in an organization’s attack surface, before attackers can take advantage. 

Our journey

Bugcrowd has witnessed and been a part of leading some incredible shifts in the way the  Internet views and secures itself—we’ve seen tens of thousands, if not more, cybersecurity careers launched around the world, we’ve seen young hackers realize that there are legitimate career paths available to those who “think bad, but do good” and then go on to finance homes, cars, care for parents, and all sorts of other amazing things in their personal lives. Most importantly, we’ve seen the perceptions—and more recently the laws themselves—shift to acknowledge the crucial role hackers play in security. 

This week, we mark a milestone in a journey that began with bug bounty, led to us  pioneering the crowdsourced cybersecurity space, and has now brought us to a place where we bring the unbeatable ingenuity of the global researcher community to numerous use cases for our customers through a multi-solution SaaS platform. Since our founding we have:

  • Grew from a staff of 17 in 2013 to a team of 280+ today
  • Opened offices in San Francisco, London, Costa Rica, and (India?)
  • Raised 83M USD is venture capital to establish the category and build the platform
  • Grown our customer base to well over 600 companies across 30 industries and 43 countries
  • Grown the community of security experts who hack on the Bugcrowd Security Knowledge Platform to 275,000+ members from 118 countries, and seen them receive over 80M USD in rewards and payments
  • Launched 3,500+ customer programs
  • Annihilated ~200,000 vulnerabilities
  • Added bug bounty, vulnerability disclosure, PTaaS, and Attack Surface Management to our original crowdsourced pen test offering

And, ten years in, we’re just getting started.

We wouldn’t have made it this far without . . .

Our wonderful Bugrowders and researchers—some of the smartest, creative, most mission-driven people who all exemplify our “build it like you own it” core value.

Without their dedication we could not have made it this far. Everyone on the team plays a very important role in the development of our company. Their enthusiasm, support, and commitment to our core values have brought us to this height. Bugcrowd is indebted to the contributions of its employees and researchers.

Our wonderful customers—thank you to each and every one of our customers—especially those who understood the true nature of builder/breaker feedback early on. You took a gamble on a young company and a new and provocative idea, reaped the benefits of being on the cutting edge, and now lead your respective verticals when it comes to establishing a proactive security posture. 

What’s next?

Going forward, our Mission and Vision remains the same since day one: To power proactive security postures and create a world where no one is blindsided by cybersecurity attacks. 

Cybersecurity is ever-evolving and always changing, and for as long as humans are the ones building products, creating companies, and writing code, human creativity will be required to outsmart the adversary and defend the attack surface of our customers and help them protect their users.

We’ve spent the last 10 years building the leading platform for connecting technology and human creativity to where it’s needed most. We’re very excited for what the next 10 years hold in store for Bugcrowd, our space, and a more resilient and trustworthy Internet.

So with that, please join us in a unified toast: Here’s to another 10 years of happy employees, happy customers, happy researchers, and continuous innovation. Cheers!