Bugcrowd is happy to announce a new update to Crowdcontrol’s user permissions that now provides customers a much more customizable experience. A company may now segment their team members’ roles to specific programs.

Why is this important?

Bugcrowd provides the power of managed bug bounty programs in three different solutions–public ongoing, private ongoing, and hackers on-demand–each of which can be utilized differently according to a business’s security maturity, goals, and needs. More and more, organizations are beginning to run multiple bug bounty programs at different points of the SDL and on various components of their business. Multiple programs on a number of different applications may call for a more nuanced approach when distributing permissions. This update addresses the needs of partitioning team roles between programs.

What does this mean?

Our new program specific roles feature will allow individuals assigned as ‘organization owners’ to have full visibility into and control over all of their organization’s programs running on Crowdcontrol. The owner has the ability to assign all ‘organization members‘ different roles and permissions specific to a particular program. For example, a team member may be assigned an ‘program analyst’ role on the public ongoing program, a ‘program viewer’ role on the private ongoing program, and may be excluded from the on-demand program.

At the program level, ‘program administrators‘ will have the ability to invite team memebers and manage their team on a specific program.


Below is a snapshot of the new updates:

Roles and Permissions Update

  • This update introduces two levels of roles; the overarching organization roles and individual program roles. Visit our product documentation center for a more granular listing of role permissions.

User Interface Updates

  • Adjusting/Removing Roles

Any thoughts, ideas, or questions? We’d love to hear from you at support@bugcrowd.com or @Bugcrowd.