By Luke Stephens Oct 7, 2020These Are the Bugs You Should Look for in Late 2020 I have a pretty sweet job 😎. I get to read bug bounty submissions that blow my mind. I spend a considerable amount of time each day gathering my jaw from my office desk after reading about some face-melter P1s.… Read More
By Casey Ellis Oct 7, 2020NIST SP 800-53 R5 adds Vulnerability Disclosure Programs to Federal Security and Privacy Controls Earlier this week, the National Institute of Science and Technology (NIST) released Revision 5 of NIST Special Publication (800–53) Guidelines Security and Privacy Controls for Information Systems and Organizations. This revision makes a tremendous step toward bringing the role of… Read More
By Lauren Craigie Oct 7, 2020Reducing Noise in Crowdsourced Security More people → more coverage → more vulnerabilities. While the crowdsourced model provides a plethora of benefits, it’s tough to deny one of the core reasons many choose it. A larger pool of pay-per-finding security researchers are more likely to… Read More
By Michael Skelton Sep 30, 2020How-To: FFUF with Codingo One of the areas we’re most passionate about here at Bugcrowd is hacker education, and elevating the Crowd to new heights. This extends beyond our roles and is something many of us are passionate about in our personal time as… Read More
By Athena Peterson Sep 30, 2020Customer Spotlight: Skyscanner Do you know your way around E-Commerce flows? Do you have experience with creative exploitation of vulnerabilities? Then we have the perfect program for you. Skyscanner, an online travel marketplace,  is looking for you! About the Program Skyscanner’s bug bounty… Read More
By Luke Stephens Sep 26, 2020A Byte-ful with TomNomNom Without a doubt, tomnomnom is one of my favourite hackers. I look up to his tools and mindset. Recently, I was able to sit down and have a long chat with him. In this podcast, Tom goes into detail and… Read More
By Michael Hamel Sep 24, 2020Bugcrowd’s October Challenge Month! Can you say ‘Cybersecurity Awareness Month’ 10-times, fast? Bugcrowd is excited to announce a special Program Challenge for the month of October to celebrate Cybersecurity Awareness. We will be running a set of challenges that get progressively more difficult each… Read More
By Lauren Craigie Sep 23, 2020Can the Crowd Handle Network Pen Testing? Advances in firewalls and cloud security providers have greatly reduced risk to network infrastructure. But these advances have only served to deter low-level threats, while failing to combat complex risk from highly skilled malicious attackers. Modern penetration testing can help,… Read More
By Michael Hamel Sep 18, 2020Researcher Profiles: Resumes in Platform and Profile Changes Noticing anything new lately? We have been making major improvements to the Researcher experience on the Bugcrowd platform. Some of these changes enhance the profile design and workflow for users. Others offer new ways to show us who you are… Read More
By Breonna Burrell Sep 17, 2020Researcher Spotlight: Ahsan Khan (hunter0x7) Being a full-time hunter can be a risky gamble, but with hard work and dedication can be extremely rewarding! Ahsan Khan (hunter0x7) took on bug hunting full time almost 5 years ago. Since then, he’s honed his skills and found… Read More
