Since 2013, security researchers have helped Bugcrowd change how the world performs security testing at scale. For many, that meant replacing traditional pen tests with the dynamic and continuous coverage only possible through crowdsourced programs like bug bounties. However, an…
During RSA, Bugcrowd founder and CTO Casey Ellis sat down with CyberScoop’s Greg Otto to discuss the future of work and how bug bounty programs have always been about the evolution of penetration testing. Below are a few highlights. You…
Is my stuff secure? At their core, penetration tests answer two critical questions: Is my stuff secure? How do you know? Q1 is pretty straightforward. If the answer is ‘no,’ then Q2 consists of a list of vulnerabilities discovered. But…
Last week we released the ESG Research Insights Report, Security Leadership Study – Trends in Application Security, revealing what CISOs are looking to prioritize in the year to come. With the ever-expanding threat landscape and increasingly sophisticated adversaries, organizations are…
Today we are launching Advanced Program Search on the Programs list page, an expansive search feature that allows researchers to more easily surface programs that suit their interests. This feature leverages the tokenized search functionality that we have in other…
We recently launched Next Gen Pen Test. It’s a new product with unique platform capabilities to meet organizations’ evolving continuous application security needs as focused external threats grow at an accelerated pace. The next generation of pen testing can deliver…
Today, we announced a new product designed to meet the changing security needs of today’s enterprise: Bugcrowd Next Gen Pen Test. According to our recent survey of 200 security leaders, 56% are dissatisfied with their current pen test efforts, and…
Our most recent VRT Council led us through an interesting discussion, ultimately leading us to expedite the release of VRT 1.6. The release includes two major changes: revision to internal SSRF, and how we rate email spoofing, more specifically the…
Since 2003, Movember has raised awareness and funds for men’s health. With more than 5 million Mo Bros and Mo Sistas around the world participating in this cause, the security of the foundation’s platform is incredibly important. Like many organizations,…
Penetration testing has become common practice for vulnerability assessment over the past decade. There are several reasons why people do pentests. Identifying risky vulnerabilities for developers to address is great practice for risk reduction. That being said, many times the…
