By Erica Azad May 26, 2021Vulnerability Disclosure Programs: Luxury or Necessity? Many organizations recognize the value and benefits of a Vulnerability Disclosure Program (VDP). But what are some of the consequences of not having a VDP? This infographic explores this question and examines if VDPs are a necessity or a luxury.… Read More
By Bugcrowd Product Marketing May 20, 2021Infographic: What are Vulnerabilities? Vulnerabilities are components of code that can be exploited to negatively impact the security of data, systems, people, or IP. According to ISO/IEC 29147:2018, a vulnerability is, "a behavior or set of conditions present in a system, product, component, or… Read More
By Bugcrowd May 12, 2021Vulnerability Disclosure Policy: What is It & Why is it Important? A vulnerability disclosure policy sets the rules of engagement for an ethical hacker to identify and submit information on security vulnerabilities. Vulnerability disclosure policies establish the communications framework for the report of discovered security weaknesses and vulnerabilities. This enables all… Read More
By Casey Ellis Mar 8, 2021NIST: Vulnerability Disclosure as a Requirement for Every Organization What is the NIST Cybersecurity Framework? The NIST Cybersecurity Framework is a set of policies meant to help the private sector in strengthening their cybersecurity readiness and awareness. The framework is published by the National Institute of Standards and Technology… Read More
By Bugcrowd Product Marketing Dec 3, 2020What’s a Vulnerability Disclosure Program? In the past year, the U.S. Federal Trade Commission (FTC) and Department of Justice (DOJ) have released guidance outlining the need for vulnerability disclosure programs (VDP). With support from major legislative bodies like the National Institute of Standards and Technology,… Read More
By Bugcrowd Product Marketing Aug 13, 2020Ultimate Guide to Vulnerability Disclosure: Report Recap Vulnerability Disclosure Programs (VDPs) help organizations reduce risk across publicly-accessible assets by relying on the voluntary contributions of end-users, customers, and good-faith security researchers. But many organizations still have questions about how (and why) they should incorporate these programs into… Read More
By Bugcrowd Aug 5, 2020The Who, What, Where, and Why of VDPs The average iPhone app has just under 50,000 lines of code. Testing at these volumes, while factoring in pressure to launch on time, makes it nearly impossible to surface all potential vulnerabilities pre-production. Organizations need a way to identify vulnerabilities… Read More
By Bugcrowd Product Marketing Jul 10, 2020Vulnerability Disclosure Programs: 7 Reasons Why CEOs Need Them Too Have you ever had a vendor claim to reduce attacks against your business? Unless they’re running some sort of protection racket, “reducing attacks” isn’t really possible. What they might mean is that they’ll help you avoid negative consequences from the… Read More
By Bugcrowd Product Marketing Dec 16, 2019Bugcrowd Launches CrowdStream and In-Platform Coordinated Disclosure Security is a team sport. The information held by fellow security practitioners and researchers has the power to affect how and when we respond to adversarial threats. The sooner this information can be shared, the sooner it can be actioned… Read More
By Guest Post Sep 27, 2019[GUEST POST] The Impact of our Researchers – StackPath and Vulnerability Disclosure This guest blog was authored by the StackPath security team. StackPath is a platform of secure edge services that enables developers to protect, accelerate, and innovate cloud properties ranging from websites to media delivery and IoT services. As a leading… Read More
