skip to Main Content

Topic: Researcher Resources

2018 Predictions: It Takes a Crowd

At the end of 2017 we asked our researcher community what changes they predicted for the bug bounty space in the year to come. The response was overwhelmingly the same: more companies adopting bug bounties across company size and industry…

Read More

The Personalities That Put the “Crowd” in Bugcrowd (Part 1 of 3)

Last week, David Baker (Bugcrowd’s Chief Security Officer) released a blog post discussing why it’s important to understand researcher motivations in order to run a successful bug bounty program. Furthermore – to enable current and future customers to get a better handle on what drives security researchers at Bugcrowd – we released the Inside the Mind of a Hacker (version 2.0) report covering a broad range of metrics around who the Crowd is comprised of; including data on age, level of education, geographic location, and most importantly – what motivates us (and I use the term “us”, because I myself am a security researcher on Bugcrowd).

Read More

Inside the Mind of a Hacker 2.0

Last year, we launched the Inside the Mind of a Hacker report, sharing insights into the distinct profiles and stories, gathered from the Bugcrowd researcher community. Today we’re launching our second iteration on this, Inside the Mind of a Hacker 2.0, diving deeper into the collective power and intelligence the bug bounty community brings to the war on bugs.

The stakes have never been greater, it seems. Breaches and attacks from independent actors or nation states have increased in number and their impact can be felt by all. At Bugcrowd, we’ve built a community of more than 65,000 security researchers and white-hat hackers that is helping organizations around the globe increase their defenses by finding and resolving security vulnerabilities at break-neck speed.

Read More

How to Earn Your Way Onto a Private Bounty Program

We are consistently asked “How Do I Earn Private Program Invitations?”
Hands down, this is our most commonly asked question from members of our Crowd, so we want to take this opportunity to reemphasize the most important information to keep an eye on if you’re looking to get invited to a private program.

Since 2015, we have consistently used the following performance and activity markers (+ any required technical skills!) to choose our program participants. The criteria we continue to use to determine invites:

Read More

Car Hacking in the Cloud (for Cheap) at DEF CON, Part 2

Last month, we wrote an introductory overview of our experience running the second annual Car Hacking Village CTF infrastructure at DEF CON 25. Most notably, our use of Zappa to deploy Flask-based CTFd on AWS Lambda and API Gateway resulted in a $1.50 bill for the entire month of July (excluding database instances), while providing a number of operational advantages over last year’s traditional infrastructure.

Read More

Introducing the Bugcrowd Researcher Advisory Council

In celebration of its upcoming one year anniversary, we are thrilled to formally announce the Bugcrowd Researcher Council. Begun as a pilot program in November of 2016, Bugcrowd’s Researcher Success Team identified 5 Researchers to invite to a special kind of pilot feedback program; since then, the program has grown 200% and the Council members have given their valuable feedback on a variety of implemented improvements, including the Researcher Dashboard and the current ongoing improvements to tokenized search.

Read More

It Really Does Take A Crowd; LevelUp Recap

In the past year we’ve seen the Bugcrowd community more than double to more than 60,000 researchers, up from 26,782 at the beginning of 2016. With this growth comes the increasing responsibility to educate and foster the professional growth that our researchers seek every day.

Read More
Back To Top