By Michael Hamel Oct 21, 2020Update to Bugcrowd Points System The goal of Crowdsourced security is to enable customers to easily identify the highest value vulnerabilities, as quickly as possible, by engaging with those that have the most expertise in finding vulnerabilities - the Crowd! The Bugcrowd platform enables this… Read More
By Erica Azad Oct 21, 20204 Attack Surface Management Mistakes to Avoid How can you secure what you don't know you have? When it comes to security, visibility is key. In fact, Gartner predicted that around 30% of successful attacks this year would be against shadow IT. It seems like there is a… Read More
By Michael Hamel Oct 19, 2020Daily Payouts, Greater Payments Flexibility & More with Bugcrowd As of today, we are proud to announce that we are moving to Daily Payouts as the next phase of our Bugcrowd Payments enhancements, with lowered transaction costs and increased invites to top earners on our platform. Faster time to… Read More
By Michael Hamel Oct 16, 2020Have the Skills to Pay the Bills? Every researcher has a skillset that sets them apart from the rest. Similarly, no two programs are alike! Each comes with their own technologies and environments. The goal of Bugcrowd is to seamlessly integrate the Crowd (we’re looking at you,… Read More
By Luke Stephens Oct 14, 2020What Vuln Scanners Miss in API Testing Luke Stephens is a father, husband, hacker, pen tester, and full-time Application Security Engineer and Quality Assurance Training Manager at Bugcrowd APIs are the interface between an organization’s most sensitive data and the end-user. And they’re everywhere. The last decade… Read More
By Michael Hamel Oct 9, 2020New Search Tokens for Faster Filtering! Gone are the days when you lose track of your program invites. Our tokenized search has been expanded. You can now search for programs you’ve been invited to and filter by invite date using new tokens. New to tokens? They’re… Read More
By Breonna Burrell Oct 8, 2020What’s the Buzz? October 2020 Subscribe to our Researcher Newsletter to receive the latest Researcher product updates, news and events each month! BUGCROWD’S OCTOBER CHALLENGE MONTH! Bugcrowd is excited to announce a special Program Challenge for the month of October to celebrate Cybersecurity Awareness! We… Read More
By Luke Stephens Oct 7, 2020These Are the Bugs You Should Look for in Late 2020 I have a pretty sweet job 😎. I get to read bug bounty submissions that blow my mind. I spend a considerable amount of time each day gathering my jaw from my office desk after reading about some face-melter P1s.… Read More
By Casey Ellis Oct 7, 2020NIST SP 800-53 R5 adds Vulnerability Disclosure Programs to Federal Security and Privacy Controls Earlier this week, the National Institute of Science and Technology (NIST) released Revision 5 of NIST Special Publication (800–53) Guidelines Security and Privacy Controls for Information Systems and Organizations. This revision makes a tremendous step toward bringing the role of… Read More
By Lauren Craigie Oct 7, 2020Reducing Noise in Crowdsourced Security More people → more coverage → more vulnerabilities. While the crowdsourced model provides a plethora of benefits, it’s tough to deny one of the core reasons many choose it. A larger pool of pay-per-finding security researchers are more likely to… Read More
