skip to Main Content

Topic: Vulnerability Disclosure

Photobox Security Times the Power of the Crowd

This blog was written by Stu Hirst, Head Of Security Engineering, Photobox Group I’ve been a believer in the power of the bug bounty model since 2015 when I ran my first 2-week program with Bugcrowd. During that program the researchers…

Read More

Researcher Documents Updates

In order for Researchers to be successful, it is vital to clearly communicate expectations. We have refined verbiage in both the Bugcrowd Standard Disclosure Terms and the Bugcrowd Researcher Code of Conduct, and these changes are highlighted below: In the…

Read More

Cut Through The Noise; The Value of a Disclosure Program

In talking with our customers, and particularly larger customers, we often hear of the need to establish an open, public, and passive channel for vulnerability disclosure from their users, customers, and the broader security community. These customers aren’t always ready for a public bug bounty but they may already have an existing security@ email address. They often have an existing security page and want the ability to accept disclosures directly from their website.

Read More
Back To Top