Get Started with a Vulnerability Disclosure Program - Buy Online!

4.24 Million

Average cost of a data breach–Ponemon Institute

87% of Organizations

have received a critical or high priority vulnerability from a Bugcrowd VDP

No longer optional

A vulnerability disclosure program (VDP) is now increasingly mandatory across government and industry. With a VDP, you invite the public-at-large to spot and report security issues in your Internet facing assets, with disclosure responsibilities clearly defined. A simple idea in concept. But difficult to achieve in practice, on your own.

Pain-free VDP at your own pace

The solution is a managed VDP plan Bugcrowd. You get all the benefits of a well-run VDP, with none of the hassles and overhead of managing a program yourself. And, you can choose a price and entry point that makes sense for you, and buy your plan online.

Compare plan features

BASIC 15

$299/month

Perfect way to get started

Buy Now

Includes:

First 15 Submissions
Automatic Status Updates
Managed Email Submissions
Embedded Submission Form
SDLC Integration
Self Support

BASIC 75

$999/month

Ideal for ramping up a VDP

Buy Now

Includes:

First 75 Submissions
Automatic Status Updates
Managed Email Submissions
Embedded Submission Form
SDLC Integration
Self Support

CUSTOM

Ideal for high-volume VDPs

Includes:

Unlimited Submissions
Performance Dashboard
Remediation Advice
Promotional listing on Bugcrowd.com = 18x more submissions on average
Researcher Relations
Solution Architect
Managed Support

Pricing is for the first year when paid annually upfront. New VDP Customers Only

Flow prioritized findings into your SDLC with pre-built connectors

Frequently Asked Questions

If something isn’t covered, or you have any questions please email us at get.started@bugcrowd.com. Our support team is available 9am to 5pm, Monday to Friday PST.

What is a Vulnerability Disclosure Program?

Vulnerablity Disclosure Program or Responsible Disclosure Program is a program that allows security researchers to safely report found vulnerabilities to your team. It can be a messy process for researchers to know exactly how to share vulnerabilities in your applications and infrastructure in a safe and efficient manner. We make this dead simple with our multiple methods for intake and managed service features like Triage and Coordinated Disclosure.

Can I change my plan at a later stage?

After you purchase, you can work with your account team to upgrade or change your plan.

What payment options do you accept?

Currently, through self-service, only credit cards are accepted. However, at check out you can also choose to speak to a Bugcrowd representative to place a purchase order if you wish.

Do you offer annual subscriptions?

All subscriptions are currently on an annual basis, we do not offer monthly or multi-year deals via self-service at this time.

What is the maximum amount of users?

We do not limit the number of users on the platform for active programs. We do have role-based access so you can control access to specific parts of your programs and management tasks.

Can I try Bugcrowd for free?

Currently, we do not have a free offering on the Bugcrowd platform. This is because we are running a managed service on a SaaS platform. This means you get features like Triage and Coordinated Disclosure as part of our standard offering. We manage the researchers’ expectations and ensure a high signal-to-noise ratio on the programs you are running.

What happens if I'm not satisfied with my Bugcrowd program?

At the time of launch you will be assigned an account team including an account manager, they will be your primary point of contact along with your support and operations representative to ensure your program runs smoothly.

How do I cancel my plan?

To cancel your plan you can contact your account manager or email support@bugcrowd.com.

RELATED RESOURCES

Learn more about Vulnerability Disclosure Programs

Guide
Ultimate Guide to Vulnerability Disclosure

Read More