Request a Demo Contact Us
Need a Pen Test? Get Started Now!
Learn More

Vulnerability Disclosure Programs made simple

Choose the VDP plan that’s right for you

bugcrowd-product-hero@2x

4.24 Million

Average cost of a data breach–Ponemon Institute

87% of Organizations

have received a critical or high priority vulnerability from a Bugcrowd VDP

Grow at your own pace

vulnerability disclosure program is now mandatory in an increasing number of government organizations and commercial industries. With a VDP, you essentially invite the world to help you spot security issues in your Internet facing assets and then make fixes based on what they find. A simple idea in concept. But extremely difficult to achieve in practice. The answer? Bugcrowd VDP.

Pain-free VDP

With a managed VDP plan from Bugcrowd, you get all the security benefits and risk reduction that a well-run VDP provides, but with none of the hassles and overhead of doing it all from scratch.

Top organizations trust Bugcrowd for VDP

Bugcrowd-managed VDP plans

Wherever you are on your vulnerability disclosure journey, Bugcrowd has a plan for you. All Bugcrowd VDP offerings are fully managed, which means we handle program design and deployment, as well as vulnerability validation, triage, and prioritization so you can fix critical issues faster. And with Bugcrowd, there are no hidden fees or unexpected surprises.

Getting started with a Basic plan is easy:

  1. Click the “Buy” button below for your plan
  2. Create a Bugcrowd account (or login)
  3. Follow the onboarding instructions to configure your VDP
  4. Enter your credit card number or contact us about using a different payment method. We’ll respond within 24 business hours to confirm!

For a Custom plan, we’ll contact you directly.

Compare plan features

BASIC 15

Ideal for getting started with a VDP
Includes:
  • First 15 Submissions of security feedback from a global community
  • Managed Triage
  • Coordinated Disclosure
  • Continuous coverage
  • Real-time results
  • Automatic status updates to researchers
  • Managed Email Submissions
  • Embedded Submission form for your websites
  • Library of APIs, webhooks, and pre-built connectors for SDLC integration
  • Account management

BASIC 75

Ideal for ramping up a VDP
Includes:
  • First 75 Submissions of security feedback from a global community
  • Managed Triage
  • Coordinated Disclosure
  • Continuous coverage
  • Real-time results
  • Automatic status updates to researchers
  • Managed Email Submissions
  • Embedded Submission form for your websites
  • Library of APIs, webhooks, and pre-built connectors for SDLC integration
  • Account management

CUSTOM

Ideal for high-volume VDPs
Everything in Basic 75, plus:
  • Researcher relations
  • Remediation advice
  • In-program performance dashboards
  • Trusted security advisor for programs
  • Hosted VDP on Bugcrowd website with promotional listing—18x more submissions on average

Pricing is for the first year when paid annually upfront. New VDP Customers Only

OUR CUSTOMERS

Experienced. Proven. Trusted.

Yves-Hiernaux-Beebole
Bugcrowd PTaaS gives me, my team, and our clients complete peace of mind that BeebBole is up and running securely. Bugcrowd has been nothing but fast, efficient, and meticulous.
Yves Hiernaux, CEO & Co-Founder, BeeBole

Frequently Asked Questions

If something isn’t covered, or you have any questions please email us at get.started@bugcrowd.com. Our support team is available 9am to 5pm, Monday to Friday PST.

Vulnerablity Disclosure Program or Responsible Disclosure Program is a program that allows security researchers to safely report found vulnerabilities to your team. It can be a messy process for researchers to know exactly how to share vulnerabilities in your applications and infrastructure in a safe and efficient manner. We make this dead simple with our multiple methods for intake and managed service features like Triage and Coordinated Disclosure.

After you purchase, you can work with your account team to upgrade or change your plan.

Currently, through self-service, only credit cards are accepted. However, at check out you can also choose to speak to a Bugcrowd representative to place a purchase order if you wish.

All subscriptions are currently on an annual basis, we do not offer monthly or multi-year deals via self-service at this time.

We do not limit the number of users on the platform for active programs. We do have role-based access so you can control access to specific parts of your programs and management tasks.

Currently, we do not have a free offering on the Bugcrowd platform. This is because we are running a managed service on a SaaS platform. This means you get features like Triage and Coordinated Disclosure as part of our standard offering. We manage the researchers’ expectations and ensure a high signal-to-noise ratio on the programs you are running.

At the time of launch you will be assigned an account team including an account manager, they will be your primary point of contact along with your support and operations representative to ensure your program runs smoothly.

To cancel your plan you can contact your account manager or email support@bugcrowd.com.