Pen testing sure ain’t what it used to be. Or rather, what it was meant to be all along. Human-driven attack simulation was once considered the best way to approximate real risk for a given system. But the realities of…
Note: This is part 3 of a 5-part series in which we examine a smarter approach to attack surface management. Catch up on last week’s post first. Inventory management, the precursor to attack surface management, operated on the assumption that you…
Why do we perform security testing? Lots of reasons- like ensuring we take steps to protect data, avoid downtime, promote transparency, and the list goes on. But why pen test, in particular? If we assume, for the purposes of this…
I have a confession to make: I've been to a lot of hacking conferences, but I've seen hardly any talks from start to finish. It's not that the talks aren't interesting, they are! It's not that I have trouble focusing…
We are ecstatic to see all the engagement our newest feature, Waitlisted, has generated. In the first month, we saw over 2,000 applications and have around 30 Waitlisted programs available right now! We look forward to getting more Waitlisted programs…
Note: This is part 2 of a 5-part series in which we examine a smarter approach to attack surface management. Catch up on last week's post first. Attack surface is on the rise-- but that's not necessarily a bad thing.…
Last weekend I finished re-reading A Tale of Two Cities by Charles Dickens as it really helps reflect on the world we live in today: “It was the best of times, it was the worst of times, it was the…
Inside-out: How organizations typically defend their digital ecosystem. Outside-in: How attackers actually operate. In other words, while organizations work to secure priority assets, attackers are more focused on whatever fell off the radar. Unknown or un-prioritized assets become ticking time-bombs…
Are you ready to Level Up? Block your calendar for May 9th 2020, from 10am to 4pm Pacific Time, for Bugcrowd's 6th LevelUp virtual conference!!! As a hat-tip to the unusual times we're all experiencing with COVID19, and with a…
Crowdsourced security provides a valuable opportunity for organizations to up-level their security posture through the collective power of the researcher community. But it can be a daunting endeavor for many. At Bugcrowd, we’ve developed a process that can ensure full-scale…
