This guest blog is authored by the HiRoad Security team. The auto insurance industry requires a great deal of information about customers in order to accurately measure risk and, for HiRoad, rewards for good driving. The insurance industry is also…
Attack surface has grown exponentially for many organizations, and with it, their susceptibility to weaknesses. To combat this reality, security teams utilizing crowdsourced security solutions have expanded their program scopes to include more and more of their ever-evolving assets. Notable…
This guest blog is authored by Matt Hillary, Vice President of Security at Instructure and originally appeared on the Instructure blog. Every year, the Instructure security team attends DefCon to learn together with the greater security community about ways we…
This guest blog is authored by Matias Brutti, Director of Research and Exploitation at Okta, and originally appeared on the Okta Security Blog. Protecting our customers, partners, and other stakeholders has always been the Okta Security Team’s top priority. We have…
Earlier this year, we took a closer look at why every company should have a vulnerability disclosure program. As veterans with combined 40+ years in the cybersecurity space, Bugcrowd founder and CTO Casey Ellis and CSO David Baker each gave…
In the past year, the U.S. Federal Trade Commission (FTC) and Department of Justice (DOJ) have released guidance outlining the need for vulnerability disclosure programs (VDP). With support from major legislative bodies like the National Institute of Standards and Technology,…
Last week Bugcrowd attended Gartner's annual Security and Risk Management Summit in Washington, D.C. While I know what a city built on a swamp does to your hair, I'm still happy to return every June to catch up with analysts,…
The blog is authored by Jaan Anvelt, Chief Information Security Officer at Bigbank. We’re excited to launch our new Vulnerability Disclosure Program with Bugcrowd today! You can find the VDP page here. Bigbank’s managed Vulnerability Disclosure Program enables the company…
We are thrilled to announce the newest release of our Vulnerability Rating Taxonomy, VRT 1.5! Updates made in this release are largely contributed to insights collected from the broader security community. In 2017, we decided to accept outsourced feedback by…
According to the CVE, 2017 saw 14,713 published vulnerabilities, an increase of more than 128% from last year. For 2018, the CVE has already seen more than 5K published vulnerabilities so we should see the upward trajectory continue. This past…
