High demand for crowdsourced security and managed bug bounty programs fuels global expansion
LAS VEGAS—BLACK HAT USA 2018 Booth #1236 – August 8, 2018 – Bugcrowd, the leader in crowdsourced security, today announced the company achieved record growth in the first half of the year. Bugcrowd now works with leading organizations across more than 50 industry sectors in over 30 countries. In addition to expanding its sales, operations, and engineering presence in both Europe and the Asia-Pacific region, Bugcrowd recently added 15 new security industry technology and channel partners.
According to Gartner’s June 2018 Emerging Technology Analysis: Bug Bounties and Crowdsourced Security Testing “By 2022, automated and CSSTP (Crowdsourced Security Testing Platform) products and services will be employed by more than 50% of enterprises, up from less than 5% today.” Founded in 2012, Bugcrowd was the first to offer managed bug bounty, vulnerability disclosure and next-gen penetration testing to customers. As a result, the company has seen exceptional growth as companies face increasing security risks due to expanding attack surfaces and a lack of cybersecurity resources. According to industry research, in the next three years there will be an estimated 3.5 million unfulfilled security positions worldwide.
“Bug bounty is a critical piece of our vulnerability management and application security program,” said Teza Mukkavilli, Director of Information Security, Upwork. “Working with Bugcrowd allows us to tap into a global community of security researchers who use multidimensional techniques to help identify vulnerabilities at a faster rate and enhance the overall security of our products for our customers.”
Bugcrowd has more experience providing custom, managed bug bounty, vulnerability disclosure and next-gen penetration testing programs than any other platform. As a result, more industry leaders around the world, including Atlassian, Fitbit, Jet.com, Netgear, Square, HP, Mastercard, Upwork, and more trust Bugcrowd for crowdsourced security. Bugcrowd customers see a 7x improvement in finding high priority vulnerabilities than traditional approaches.
“Business today are at a crossroads — market pressure to release products faster paired with the cybersecurity skills shortage has resulted in a growing, underprotected attack surface,” said Ashish Gupta, CEO, Bugcrowd. “The status quo is no longer an option — businesses around the world need to rethink their security strategies to level the cybersecurity playing field. Our value is that we cost effectively bring the creativity of the crowd to outsmart adversaries and increase their cost of attack. As the crowdsourced security market leader, Bugcrowd has seen exceptional growth of its customer base across every industry.”
For enterprise customers and security executives, Bugcrowd added a number of new features and integrations to its industry-leading Crowdcontrol™ platform to help organizations reduce risk and bring secure products to market faster.
- Remediation Advice provides step-by-step guidance and industry standard resources to accelerate remediation and reduce risk faster while introducing secure coding methodologies that help educate development teams and improve code velocity.
- Bi-directional Jira integration delivers automated workflows to streamline the management of vulnerabilities from validation to remediation.
- Multiple disclosure channels enable security researchers to submit security issues against any of an organization’s publicly facing digital assets through Bugcrowd’s centralized submission management platform.
For the Crowd, the company added a number of new features and capabilities to improve their experience on the platform, optimize their success bug hunting, and improve outcomes for customers. There are now 90,000 trusted security researchers from 100 countries around the world, making up the largest, deployable Crowd in the industry. With the majority of this Crowd (62 percent) investing in tools and education and 71 percent seeking to bug hunt full time, Bugcrowd has invested in education opportunities and initiatives that make it easier to earn a living working on crowdsourced security programs.
- Bugcrowd Elite is the new private Crowd amassed from its most skilled and trusted researchers within the active community of 90,000 white hat hackers working on the Bugcrowd platform.
- Bugcrowd Leaderboards have been updated, and there are now two new leaderboards for researchers to compete on both paid and kudos-only programs — as well as compare their skills and achievements with leaders in the crowd.
- Bugcrowd University provides researcher education and training to advance the state of application security training, community engagement and content delivery. Bugcrowd University is free and open to all researchers — not just those on the Bugcrowd Platform.
- Disclose.io is a collaborative and vendor-agnostic, open-source project to standardize best practices for providing a safe harbor for security researchers within bug bounty and vulnerability disclosure programs (VDPs).
To support the growing base of customers and the Crowd, Bugcrowd made significant investments in talent and operations.
- Bugcrowd added four seasoned executives to the management team in the first half of 2018: Rick Beattie as vice president of global sales, Jonathan Gohstand as vice president of product, Mark Milani as global head of engineering, and Michael Schultz as vice president of marketing.
- Employee hiring continues to increase, and there are now over 125 full-time employees around the world. Bugcrowd recently announced its expanded presence in Australia.
- Total Bugcrowd funding increased to nearly $50 million as the company closed a $26 million Series C round in March.
Bugcrowd is the #1 crowdsourced security platform. More enterprise organizations trust Bugcrowd to manage their bug bounty, vulnerability disclosure, and next-gen pen test programs. By combining the largest, most experienced triage team with the most trusted hackers around the world, Bugcrowd generates better results, reduces risk through remediation advice, and empowers organizations to release secure products to market faster — with no hidden fees. Based in San Francisco, Bugcrowd is backed by Blackbird Ventures, Costanoa Ventures, Industry Ventures, Paladin Capital Group, Rally Ventures, Salesforce Ventures and Triangle Peak Partners. Bugcrowd. Outhack Them AllTM. Learn more at www.bugcrowd.com.