We just wrapped up our financial year here at Bugcrowd. We’re always looking ahead, but I also want to take a moment of gratitude to celebrate an amazing year. 

Over the last 12 months, we’ve experienced record-breaking growth and innovation. There were some truly unforgettable moments in 2024—from attending the industry’s biggest events to creating exceptional customer outcomes and celebrating hacker wins. And let me tell you, not even the rain could put a damper on seeing Bugcrowd’s name shine in Times Square (more on that later). 

The Bugcrowd billboard in Times Square, NYC.

 

Highlights from 2024

  • Informer acquisition—In May of last year, we acquired Informer, a leading provider of attack surface management and continuous penetration testing. Throughout the year, we’ve combined our platforms to enhance the value that customers receive from Bugcrowd by bringing best-of-breed asset discovery and monitoring for multiple use cases. This has led to the introduction of two new offerings—Bugcrowd External Attack Surface Management and Continuous Attack Surface Penetration Testing. 
  • Strategic growth financing—Bugcrowd secured two major strategic funding rounds totaling $152 million. On the day of the first funding announcement, the team got a chance to tour the New York Stock Exchange, where I was interviewed for the “Taking Stock with Trinity Chavez” series and “Live from MarketSite with Nasdaq’s Kristina Ayanian.” Later, we unveiled our brand new billboard on the Nasdaq tower in Times Square. You can check out the full story and see pictures from the day here
  • AI innovation—As access to AI technology becomes more widespread, we’ve doubled down on securing potential vulnerabilities in this new attack surface. We introduced two new products, AI Penetration Testing and AI Bias Assessments. Our work with customers like the US DoD’s Chief Digital and Artificial Intelligence Office (CDAO) has become a crucial proving ground for AI detection by unleashing the crowd for identifying data bias flaws. AI safety and security concerns will continue to rise, and we’re dedicated to helping the industry adopt AI with confidence. 
  • Customer value—Enabling our customers to achieve the best possible outcomes is always front of mind. Because of this approach, we’re seeing massive growth as a company. For example, we’ve seen over 75% growth in our penetration testing business and onboarded over 300 new customers. In addition to the AI innovations I mentioned earlier, we’ve added several offerings for our customers, including Continuous Attack Surface Penetration Testing and a free VDP compliance offering
  • Seeing the security community embrace The Crowd—I’ve had the chance to sit down with so many of our customers; the excitement they feel when they realize the potential of working with The Crowd is palpable. One conversation that stood out to me happened during an AMA-style webinar I did with Ross McKerchar, CISO of Sophos. He said, “The hacker community can outrun threat actors at an unprecedented pace. It’s like having hundreds of extra people working for you and keeping an eye on your perimeter, without the logistics and challenges of actually hiring people. Not even the largest security teams can do what a well-managed bug bounty engagement can accomplish.” This embodies exactly what I’m talking about—partnering with hackers and the crowdsourced intelligence on our platform helps organizations beat threat actors at their own game. 
  • Building the hacker community—We’ve always been extremely passionate about the hacker community, from advocating for policy reforms to protect those hacking in good faith to providing resources to uplift hackers along their security research journeys. This year, we introduced several features, like our request-a-response feature, to make hacking on the Bugcrowd platform even better. We had nearly 2000 engagements live in 2024, increased payouts, and worked with customers to host epic bug bashes.
  • Bugcrowd culture—This year, we hired 161 employees, added a new office in Brighton, UK, and extended our benefits to support long-term learning and career progression. We also built on our momentum with key leadership promotions and strategic hires. Part of Bugcrowd’s ethos is our commitment to building a culture of acceptance, inclusivity, and equal opportunity. I am proud to be part of a team that celebrates differences, embraces challenges, and holds itself accountable to high performance standards. 
  • Empowering partners—Our trusted partners are a key aspect of our global ecosystem, as over 20% of our business goes through channel partners. This percentage is growing significantly. We’ve signed on distributors from all over the world—from Japan and Singapore to the Middle East. Additionally, we’ve built a strong relationship with GuidePoint and Carahsoft to extend our reach. 

Honestly, this list only scratches the surface of what we accomplished in 2024. From platform feature updates to leading the charge in the public sector, there’s too much to fit into one blog. But that’s really the norm here at Bugcrowd, as we’re always pushing the boundaries of innovation and breaking through limitations. 

 

What’s next

In 2025, we’re going to keep the good times rolling. Keep on the lookout for launches of offensive security testing, a full UI/UX refresh of our platform, and more attack surface management embedded throughout the platform. We’ll be launching even more new programs to capture every opportunity for hackers to earn money and grow their skills. 

You’ll see more from us this upcoming year about a shift happening in the crowdsourced security industry towards crowdsourced intelligence. Bugcrowd is growing and we can’t wait to share more about how we are evolving our offerings to serve our customers even better. 

That’s just a little teaser of what’s to come. I can’t thank our customers, hackers, partners, and employees enough for their partnership this year. You are all key components in our community, and what we’re building collectively is incredibly special.