Upwork takes bug bounty program public, offering up to $5,000 for each vulnerability discovered in its marketplace
SAN FRANCISCO – June 19, 2017 – Bugcrowd, the leader in crowdsourced security, today announced Upwork has launched a public bug bounty program on the CrowdcontrolTM platform. Building on the success of their private program, the public program offers rewards of up to $5,000 for valid vulnerabilities on the Upwork web domains, mobile applications (iOS and Android), collaboration tool (Upwork Messages) and API.
“Bug bounty is a critical piece of our vulnerability management and application security program,” said Teza Mukkavilli, Director of Information Security at Upwork. “Working with Bugcrowd allows us to tap into a global community of security researchers who use multidimensional techniques to help identify vulnerabilities at a faster rate and enhance the overall security of our products for our customers.”
Information is an asset that, like other important business assets, is essential to Upwork and consequently needs to be suitably protected. Upwork has always been focused on providing a secure environment for its community of freelancers and clients, so they can safely use its platform. Bugcrowd supports this goal, enabling Upwork’s vulnerability response team to focus on important vulnerabilities and work with internal teams to get them fixed.
‘’Demonstrating a strong security stance is more important for organizations today than ever before,” said Ashish Gupta, CEO, Bugcrowd. “Upwork leads the space in many ways with a progressive business model and a progressive approach to their security posture using crowdsourced bug bounty programs. We are proud to work with them to build the trust of their customers.”
Bugcrowd’s fully managed crowdsourced security programs ensure ongoing success of each and every bug bounty and vulnerability disclosure program run. Today more industry-leading platforms, including Atlassian, Fitbit, Netflix and Square trust their crowdsourced security programs to Bugcrowd.
For more information on Upwork bug bounty program, or to participate, visit bugcrowd.com/upwork.
- Learn more about Bugcrowd and our Customer Stories
- Read the latest report: 2018 Bugcrowd State of Bug Bounty Report
- Follow us on Twitter
- Follow us on LinkedIn
Bugcrowd is trusted by more of the Fortune 500 than any other crowdsourced security platform. Why? Because people need the increased security of a bug bounty without all the extra work and chaos. Bugcrowd cracked the code on crowdsourced security through rock-solid program management, top trusted researchers and a versatile platform. That’s how our vulnerability disclosure and bug bounty programs find seven times as many critical vulnerabilities as traditional testing. Based in San Francisco, Bugcrowd is backed by Blackbird Ventures, Costanoa Ventures, Industry Ventures, Paladin Capital Group, Rally Ventures, Salesforce Ventures and Triangle Peak Partners. Bugcrowd. Outhack Them AllTM. Learn more at www.bugcrowd.com.
Upwork is the largest global freelancing website. It enables businesses to find and work with highly skilled freelancers. As an increasingly connected and independent workforce goes online, knowledge work — like software, shopping and content before it — is shifting online as well. This shift is making it easier for clients to connect and work with talent in near real-time and is freeing professionals everywhere from having to work at a set time and place. Our company’s mission is to create economic opportunities so people have better lives.