Request a Demo Contact Us
Bugcrowd Acquires Informer to Enhance Offerings Across Attack Surface Management and Penetration Testing
Learn More
Press release

Bugcrowd Enables Companies to Increase the Speed, Scale and Quality of Pen Testing with Launch of Platform-Powered Classic Pen Test

Bugcrowd harnesses the power of the Crowd in a pay-per-test model enabling organizations to launch pen tests in less than 72 hours instead of waiting for up to three months 

San Francisco, CA – April 28, 2020 – Bugcrowd, the #1 crowdsourced security company, today announced the launch of Bugcrowd Classic Pen Test, the latest product powered by the Bugcrowd platform focused on providing customers with on-demand access to methodology-driven pen testing at a fixed price. Leveraging Bugcrowd’s global network of uniquely-skilled and proven pen testers, Bugcrowd Classic Pen Test adds to the company’s Pen Test Portfolio, helping organizations reduce testing timelines while meeting critical compliance requirements and adhering to security best practices.  

Industry analysts predict the external penetration testing market will be worth $4.5 billion by 2025 in the U.S, driven by regulatory and compliance initiatives requiring all organizations to implement security best practices to mitigate cyberattacks. Those seeking services from traditional service providers face scheduling delays of up to three months, stalling sales cycles and product launches while prolonging exposure. With the increased speed afforded by agile and DevOps practices, businesses can no longer afford security solutions that can’t keep up. Bugcrowd’s security platform has proven that strategic insertion of human ingenuity across the SDLC can increase critical findings, while reducing risk and business overhead.

Bugcrowd Next Gen Pen Test (NGPT), and now Classic Pen Test, both eliminate these challenges by providing immediate access to an on-demand global network of pay-per-engagement, or pay-per-finding pen testers, thoroughly vetted, intelligently matched, and expertly managed through the Bugcrowd platform. Bugcrowd Classic Pen Test programs can be launched in under 72 hours, and provide Day-1 visibility into incoming vulnerabilities as they are received and validated. To further support rapid remediation, SDLC integrations like JIRA, GitHub, and ServiceNow push prioritized vulnerabilities to the places where development teams work, so they can fix and ship secure products faster. Customers also benefit from always-on platform reporting in addition to a full methodology-based compliance report  for ultimate program transparency and real-time visibility. 

“Organizations with regulatory and compliance requirements, and dynamic development cycles, need rapid, reliable, and fully-integrated pen testing, whenever, and wherever it best fits their application security lifecycle,” said Mark Milani, Global Head of Product and Engineering at Bugcrowd. “Classic Pen Test provides customers predictability within their security budgets and transparency in their security programs. Powered by Bugcrowd’s platform, Classic Pen Test offers the same immediate access to the Crowd, same expert triage, management, and SDLC integrations as Bugcrowd NGPT.”

Organizations can also choose add-ons like customized executive reporting, rush reporting, retesting, and even pen tester filtering by skill, geography, experience, and more. Other benefits to customers only possible through the Bugcrowd platform include:  

  • Fewer than 72 hours set up time: CrowdMatch™ skills-matching technology helps rapidly assemble the perfect team from thousands of available testers.
  • Support for high-volume testing: Access to an always available pool of researchers powered by the crowd plus platform automation speeds resourcing and launch. Get fresh eyes on multiple targets at once.
  • Real-time results and SDLC integrations: Receive vulnerabilities as they are submitted and validated rather than at the end of the assessment. SDLC integrations help fix fast.
  • Methodology-driven and Always-on reports: Satisfy compliance requirements like PCI-DSS with options to expedite or enhance. Added platform views maximize transparency.
  • Stackable pay-per-test bundles: Purchase blocks of testing  pre- or post-scoping for maximum flexibility.
  • Curated packages: Add-ons like retesting, executive reporting, and fast-track testing help create the right test for any engagement.

“ActiveCampaign believes security drives innovation within the tech stack, so we need security partners that support our ability to innovate quickly,” said Chaim Mazal, VP of Global Information Security at ActiveCampaign.  “Our partnership with Bugcrowd has enabled us to insert the power of the Crowd into our development lifecycle, covering more security use cases as our business grows. The launch of Classic Pen Test is another strong step forward for making a global network of security skills accessible to every business, of every size.”

To learn more about Bugcrowd’s Classic Pen Test solution, click here.

Bugcrowd serves thousands of customers across 65+ industries in 29 countries. Customers such as Mastercard, Fitbit,, Motorola, Twitch, Atlassian, TripAdvisor, Pinterest,, UnderArmour, Square, Twilio, HP, Etsy, Cisco Meraki, FCA and SAP, trust Bugcrowd’s flagship platform and world-class triage team to uncover, triage, and mitigate security vulnerabilities twenty-four hours a day, seven days a week. In 2018, Bugcrowd launched Next Gen Pen Test to align with the market’s demand for a scalable solution to identify high priority vulnerabilities rapidly. In 2019, the Next Gen Pen Test business grew 400%. 

Additional Resources:

About Bugcrowd 

Bugcrowd is the #1 crowdsourced security company. Top Fortune 500 organizations trust Bugcrowd to manage their Bug Bounty, Vulnerability Disclosure, Next Gen Pen Test, and Attack Surface Management programs. Bugcrowd’s award-winning platform combines actionable, contextual intelligence with the skill and experience of the world’s most elite hackers to help leading organizations identify and fix vulnerabilities, protect customers, and make the digitally connected world a safer place. Based in San Francisco, Bugcrowd is backed by Blackbird Ventures, Costanoa Ventures, Industry Ventures, Paladin Capital Group, Rally Ventures, Salesforce Ventures and Triangle Peak Partners. Learn more at