The rolling hills of Kentucky made a beautiful backdrop for a two-day Car Hacking Bug Bash following DerbyCon earlier this month. This exclusive event pulled in the world’s top car hackers to search for vulnerabilities in cars that might sit in your garage today. These security researchers worked with our customer to find a number of P1 submissions on targets that included physical cars that we had on site. This Bug Bash was unprecedented in its success – giving researchers direct access to the technology and the teams who secure that technology.

This Louisville Bug Bash drew elite hackers with experiences across car hardware, web and mobile hacking, along with hardware and RF hacking. The combination of experiences and backgrounds led to fun collaboration and teaming between researchers  – ultimately leading to some of the most exciting finds of the week. We saw multiple $15,000+ payouts during the event. Bugcrowd plans to do more car hacking events over the coming year.

As with any Bugcrowd event, we brought in cool swag. We unveiled our new Bug Bash swag, including a custom a Bug Bash backpack and hoodie, along with our newest t-shirt design:

This is just the start of what’s to come for Bugcrowd Bug Bash events. In the coming months, you will see events in cities across the globe with amazing companies. Our next Bug Bash event is November 3rd at the Cal Poly Cybersecurity Institute. The event will take place in the new IoT Lab – which will be set up as a mini city to replicate a real-world environment for hacking – and will bring together top Bugcrowd researchers and students from Cal Poly’s White Hat club for a full day hackathon to surface vulnerabilities on a number of Arlo products, including Arlo Pro 2, Arlo Security Lights, Arlo Baby, and more.

Interested in earning an invite to a Bug Bash? We will have more information about how to get involved in the future – in the meantime, we have great resources for researchers, links to various public Bugcrowd programs, and Bugcrowd University.  Stay tuned…