By Breonna Burrell Sep 15, 2020Program Recommendations: Just for You! Finding programs on Bugcrowd is now easier than ever! We’ve made it a priority to improve the visibility of our program offerings through a new feature: Discovery. Our Discovery Page provides you with new ways to sort through and find… Read More
By Michael Hamel Mar 31, 2020Waitlisted Programs: Applying to Private Programs We are pleased to announce a brand new way for researchers to gain access to private programs: Waitlisted Programs! A few weeks ago, we launched Joinable Programs, where researchers can choose to join programs based on eligibility criteria. This was… Read More
By Michael Hamel Mar 3, 2020Introducing Joinable Programs: Expanding the Pathway to Program Eligibility We are excited to launch Joinable Programs, a new feature meant to make it easier for researchers to find and join programs that had previously been kept behind the “private programs” wall. With the majority of programs being “invite-only,” previously… Read More
By Guest Post Nov 21, 2019[GUEST BLOG] Earn Multiple Bonuses with Binance! This guest post originally appeared on the Binance blog. Binance is collaborating with Bugcrowd for a new, rewarding bug bounty bonus to ensure a more robust security system for our platform. Sign in the program today and earn multiple bonuses!… Read More
By Jason Haddix May 2, 2019Disclose.io – The Movement Marches Forward Bugcrowd released disclose.io, the open-sourced safe harbor project, in August 2018. Since then, we’re pleased to report that companies have been leaning into the need for a safer and easier-to-navigate legal environment for whitehat hackers. To help this along, we’ve… Read More
By Abigail Nguy Apr 30, 20192019 Buggy Award Winners Today, we are excited to announce the winners of the 2019 Buggy Awards! We know that the success of our business, and of the crowdsourced security space, depends on the hard work of our customers and researcher community. For this… Read More
By Bugcrowd Apr 26, 2018How strong should your Master Password be? For World Password Day we’d like to know This blog first appeared on 1Passwords' blog, and is written by customer Jeffrey Goldberg, Chief Defender Against the Dark Arts at 1Password. Just how strong should a 1Password Master Password be? We recommend that Master Passwords be generated using our wordlist generator… Read More
By Bugcrowd Mar 20, 2018Evolving Bugcrowd’s Bounty Program This post is written by Bugcrowd engineers, Paul Friedman and Daniel Trauner. Bugcrowd is the pioneer and innovator of managed bug bounty programs, and nothing makes that more obvious than the success of our own program, which is celebrating its… Read More
By Ashish Gupta Oct 6, 2017What We Can Learn from NETGEAR’s Approach to Security Earlier this week, Threatpost reported NETGEAR had fixed 50 vulnerabilities in its routers, switches, and NAS devices — many of which were reported via the company’s bug bounty program, Read More
By Bugcrowd Sep 19, 2017Ethical Security Research on SecureDrop The SecureDrop engineering team welcomes the contributions of security researchers. SecureDrop is relied on by sources to talk with journalists at dozens of news organizations, many of whom are taking significant risks to bring information to the public eye. We want to do everything we can to make the whistleblowing process as safe for them as possible. Testing by external security researchers is an important part of that process. In order to minimize risk to SecureDrop users throughout the security research process, in this post we will describe how to ethically perform security research on SecureDrop and what constitutes acceptable and unacceptable behavior. Read More
