skip to Main Content

Researcher Spotlight – Ciaran “Mak” McNally

At Bugcrowd we’ve heard from many researchers that they would love to do bug hunting full-time. Many researchers have used bug bounties as way to supplement their income, build up their skills, increase the size of their professional network and the number of work opportunities available to them.

Read More

3 Years, 20,000 Security Researchers, and Nearly 200 Clients Later…

2012 was the year that almost every industry, banking, education, government, big tech and even security, was hacked. Many, if not all of these companies were doing “all” they could to protect themselves against these hacks, and yet they were still left vulnerable. In direct response to this, 2012 was also the year we built Bugcrowd to beat an army of adversaries with an army of allies.

Read More

Vulnerability Prioritization at Bugcrowd

The only way for a security team to effectively manage risk is vulnerability prioritization and management. There are many different prioritization models used across the industry that are based on vulnerability risk and impact. Without a clear prioritization model, how do you know what to fix first? Highest CVSS Score? FIFO? LIFO? Externally known issues? Whatever your prioritization plan is, it needs to be documented and updated as threats to your business change.

Read More

July 2015 Hall of Fame

It is time for the July 2015 Hall of Fame, and this month we had an unusual situation. We ran an internal project for our Application Security Engineers, and jhaddix crushed it. But the performance bonus program is for the Crowd, not employees. As a result, in July we are awarding the 1st, 2nd, and 4th place researchers. To thank these individuals for their hard work, Bugcrowd is pleased to announce the following researchers will receive July 2015 performance bonuses:

Read More

Finding An InfoSec Job

A lot of organizations out there are looking talented hackers right now. Defense, offense, Ops, Dev, you name it, if you have skills then someone is probably looking for you! The problem doesn’t seem to be the *need* but a concise way to finding/getting these positions. Here are a few notes and resources we love for helping connect awesome researchers with awesome companies (it’s kinda a thing we do here).

Read More
Learn More About Security Testing Unlocked From a Joint Webinar With Bugcrowd And IOActive Register Now
+
Back To Top