We are always updating our Vulnerability Rating Taxonomy (VRT), integrating our learnings into each version update. We are thrilled to announce our latest release, VRT 1.7 in response to our community’s ongoing feedback through our open-sourced GitHub repository. Security misconfiguration…
Today we released the 2019 edition of the Inside the Mind of a Hacker Report, highlighting the makeup of the bug hunting community to provide insight and understanding into who they are, what they like to do, their experiences, skillsets,…
Attack surfaces over the past decade have become more complex than ever, and the overall surface area has ballooned significantly. As our world continues to come online, cybersecurity vulnerabilities become even more apparent. No one thinks—or cares—more about cybersecurity than…
Penetration testing has become a best practice for vulnerability assessment over the past two decades, but in recent years we’ve seen this traditional security assessment method falls short. The application development process is speeding up and data breaches continue to…
Organizations in nearly every industry are feeling pressure to deliver value faster, get to market ahead of the competition, and continuously improve their customer experience. For software applications built and deployed today, it is all about velocity and automation. This is good for innovation but often leads to inconsistencies, vulnerabilities and problems with upgrades and code review.
According to the CVE, 2017 saw 14,713 published vulnerabilities, an increase of more than 128% from last year. For 2018, the CVE has already seen more than 5K published vulnerabilities so we should see the upward trajectory continue. This past…
Today we are excited to announce Vulnerability Remediation Advice, our newest feature on Crowdcontrol™! With Vulnerability Remediation Advice, Development and Security can accelerate the remediation process, introducing secure coding methodologies that help educate development, improve code velocity and reduce risk.…
There is no doubt that the bug bounty industry is growing quickly yet in spite of this (or perhaps because of it) it’s still novel to many. One area especially near and dear to my heart is on the triage…
Over the past months, we’ve addressed the bug bounty misconceptions outlined in our recent guide, 7 Bug Bounty Myths, Busted. So far we’ve…
Today we’re taking a look at what it really takes to manage a bug bounty program in our last post in this series…
In the past several weeks, we’ve been addressing bug bounty misconceptions in our guide, 7 Bug Bounty Myths, Busted. So far we’ve…
Today we’re talking about the budget.
