skip to Main Content

Topic: Company Resources

Bug Bounty Myth #4: You Can’t Trust Hackers

In the past month, we’ve been addressing some commonly held misconceptions about the bug bounty model, outlined in our guide, 7 Bug Bounty Myths, Busted. So far we’ve discussed the misconception that bug bounties are all public, examined the types of companies engaging with the bug bounty model, and debunked the perception some have that bug bounties are too risky. This week, we’re talking about the folks that make this economy go ‘round… the security researchers.

Myth #4: You Can’t Trust Hackers

False. With the right guidelines and incentives, white hat hackers are the good guys, security researchers that approach breaking into code like an adversary to help organizations.

Read More

Bug Bounty Myth #3: Running a Bug Bounty Program is Too Risky

In our recently released guide, 7 Bug Bounty Myths, Busted, we addressed some common misconceptions about the bug bounty model. We’re spending some time each week to take a deeper dive into those myths one by one. We started by addressing the misconception that bug bounty programs are all public and open to everyone and last week discussed the types of companies engaging with the bug bounty model. This week, we’re talking about risk…  

Read More

Bugcrowd Programs at a Glance

The crowdsourced security space is evolving rapidly. At Bugcrowd, we have more first-time Program Owners than ever trying out crowdsourced security economics through our Vulnerability Disclosure Programs and hundreds who have transitioned to on-demand and ongoing Bug Bounty Programs. We…

Read More

Bug Bounty Myth #2: Only Tech Companies Run Bug Bounties

In our recently released guide, 7 Bug Bounty Myths, Busted, we addressed some common misconceptions about the bug bounty model and bug bounty programs. We’re spending some time each week to take a deeper dive at those myths one by one. Last week we talked about the misconception that bug bounties are all public, and are open to everyone. Today, we’re addressing a related misconception regarding the types of companies engaging with the bug bounty model.

Myth #2: Only tech companies run bug bounty programs

By taking a quick look at our public programs page, our customers page, and our ‘List’ page, it’s clear that this isn’t true.

Read More

Bug Bounty Myth #1: All Bug Bounty Programs are ‘Public’

This year, bug bounties have hit an all-time high in the news, and are well on their way to becoming a necessity in any mature security organization. Because of that buzz and the positive traction the bug bounty space is seeing, it’s easy for us to forget that this is still a new approach to security that not everyone fully understands. That’s why we’ve put our ears to the ground to pick up on some commonly held misconceptions about how they work, why they work, and for whom they’re ideal. 

Read More

Evolving Bugcrowd’s Bounty Program

This post is written by Bugcrowd engineers, Paul Friedman and Daniel Trauner. Bugcrowd is the pioneer and innovator of managed bug bounty programs, and nothing makes that more obvious than the success of our own program, which is celebrating its…

Read More

Happy International Women’s Day!

Happy International Women’s Day! This day is all about celebrating the vast number of social, economic, cultural, technical and political achievements of women throughout history. Innovation, perseverance and respect are core to our mission at Bugcrowd, so we couldn’t let…

Read More

2018 CISO Investment Blueprint

As we saw in 2017, the number of data breaches and cyber-attacks is not slowing down. What’s more, security leaders are still focused on finding and investing in defensive tools to combat cybercrime. And yet still, adversaries are getting more…

Read More
Back To Top