Keep track of the latest security news, and in touch with the bounty community.

OWASP Bug Week 2014 Recap

Last week, Bugcrowd hosted OWASP Bug Week, an online competition for security researchers all over the world to find security bugs in live products. The researcher who found the “Best Bug” of the week won a badge to AppSecEU. To celebrate Bug Week, we also hosted a Bug Bash at our headquarters in San Francisco with Read article →

The Barracuda Bug Bounty Story

Barracuda has been a pioneer in helping shape the bug bounty ecosystem that exists today. Since 2010, the IT security leader has been running its own bug bounty program on its networking and security appliance and VM products. We’re pleased to announce our partnership with Barracuda, who has moved their bug bounty program over to Read article →

Building bridges between customers and researchers

Hello! I’m Kymberlee Price and I’m the newest addition to the Bugcrowd team.  As the Senior Director of Operations I am responsible for the ongoing operational management, strategic growth, and skill development of Bugcrowd’s crowdsourced security research team and their functions. That is a fancy way of saying that I will be responsible for building Read article →

5 Reasons to Crowdsource your Security Testing

Perhaps you’ve heard of companies launching bug bounties in the news, or are looking to improve upon your current security assessment tools and services. Incentivizing security researchers to responsibly report vulnerabilities they discover for a reward provides an extra layer of security via crowdsourcing. Heroku, Twilio, Pinterest, and Dropcam are a small sample of proactive companies utilizing Read article →

Bugcrowd doubles our bounty during ekoparty

In celebration of the 10 year anniversary of the Argentine security conference, ekoparty, Bugcrowd is doubling our payouts for the bugs submitted during the conference. From now until 21:10ART, Bugcrowd will pay out twice as much as the assigned reward money for the bug bounty program on our product. Check out our bounty page and Read article →

Preguntas más frecuentes de Bugcrowd para investigadores en español

¡Bugcrowd está aprendiendo Español! Vamos a Argentina para ekoparty esta semana, y vamos a hablar con los investigadores argentinos, así que queríamos asegura que nuestro FAQ fue traducido al español también. Además, en un esfuerzo para hacer crecer con mayor precisión la base de talento investigador mundial, Bugcrowd ha comenzado a hacer su plataforma más Read article →

Bugcrowd Researcher FAQ

We recommend our researchers read this guide as it provides answers to common questions regarding bounties, submissions, and all relevant facets of the Bugcrowd portal bounty system. Are you a security researcher? Sign up and begin hunting for vulnerabilities today!   General Questions Why Bugcrowd? Since 2012, Bugcrowd has been making it easier to disclose Read article →

Submission accomplished

When submitting vulnerabilities via the Bugcrowd’s Crowdcontrol platform, it’s important to ensure that you provide enough information for the vulnerability to be validated. Without this information, the submission may be delayed or incorrectly marked, resulting in issues with the submission process. Obviously this is something that affects both researchers and the bounty owner. Below we’ve Read article →

Introducing Bugcrowd’s Accuracy Metric

If you’ve been paying attention to your Bugcrowd researcher profile, you may have noticed it was recently updated with an Accuracy metric. Accuracy is a new measure of effectiveness we’ve rolled out across all profiles. It measures the ability of a researcher to identify and report vulnerabilities that are marked valid and eventually fixed. Below, Read article →

Testing Homeboy as a security researcher – My experience

Today, Homeboy released their slick based battery-powered Wi-Fi cameras, which TechHive called what “could be the best home-security cameras yet”. What you probably haven’t heard is how Homeboy proactively tested the security of their cameras with 20 of Bugcrowd’s elite security researchers before launching. Bugcrowd security researcher Tobias Mccurry was one of the twenty that received a Homeboy camera before Read article →