By Bugcrowd Mar 8, 2021Celebrating International Women’s Day at Bugcrowd Happy International Women’s Day! Each year, the world comes together on March 8th to celebrate the accomplishments of women and raise awareness of gender bias. This year’s theme is #ChooseToChallenge, highlighting everyone’s individual responsibility to challenge and call out gender… Read More
By Casey Ellis Mar 8, 2021NIST: Vulnerability Disclosure as a Requirement for Every Organization What is the NIST Cybersecurity Framework? The NIST Cybersecurity Framework is a set of policies meant to help the private sector in strengthening their cybersecurity readiness and awareness. The framework is published by the National Institute of Standards and Technology… Read More
By Michael Hamel Mar 1, 2021Announcing our P1 Warriors for Q4 2020! Warriors are defined as “brave and experienced soldiers who specialize in combat,” so it’s that time of the year again where we get to announce who made it into the next tier of our P1 Warrior Program during Q4! This… Read More
By Michael Hamel Mar 1, 2021BUGCROWD MVPs for Q4! The final quarter of 2020! As a platform, Bugcrowd has no limit to the amount of amazing researchers who work their butts off to squash some incredible bugs, but every once and a while a researcher comes along and zooms to a level that we… Read More
By Michael Hamel Feb 28, 2021Big Bugs: Bitbucket Pipelines Kata Containers Build Container Escape Atlassian ran a project on Bugcrowd looking for bugs in their proposed implementation of Kata Containers within the Bitbucket Pipelines CI/CD environment. Within the project, Researcher Alex Chapman (axjchapman) identified a vulnerability in Kata Containers which could allow processes running… Read More
By Luke Stephens Feb 18, 2021How to Find XXE Bugs: Severe, Missed and Misunderstood Introduction Every time I see an opportunity to attempt an External Entity Injection (XXE) attack I get excited. In my experience it has a high chance of success when compared to many other vulnerability types. Many of the XXE exploitation… Read More
By Bugcrowd Feb 16, 2021Complete Guide to Pentesting Penetration testing is a key cybersecurity best practice. Most organizations understand the need for it, but like many things in the industry, penetration testing can be a bit confusing. This blog covers penetration testing 101, helping to uncover the basics,… Read More
By Luke Stephens Feb 5, 2021The 10 Most Common Bugs of 2021 So Far, and How to Find Them! We're a whole month into 2021 already - and what a month it has been! Something that I always find fascinating is keeping an eye on the most common bug classes that get submitted through our platform. I think that… Read More
By Bugcrowd Product Marketing Feb 5, 2021Benefits of Penetration Testing Penetration testing (or pentesting) is a critical part of maintaining and fortifying your IP, network, and physical security. It involves giving professional pen testers permission to hack, test, and identify potential vulnerabilities in existing and new systems, networks, and apps,… Read More
By Michael Hamel Feb 1, 2021Hack Your Career! Introducing the Bugcrowd Scholar Program With so many avenues to explore in the Information Security community alone, taking the next step in your career can be a daunting task without the right guidance and support. Whether you’re just getting started in the Crowd or looking… Read More
