Last week, Bugcrowd hosted OWASP Bug Week, an online competition for security researchers all over the world to find security bugs in live products. The researcher who found the “Best Bug” of the week won a badge to AppSecEU. To celebrate Bug Week, we also hosted a Bug Bash at our headquarters in San Francisco with Read article →
Keep track of the latest security news, and in touch with the bounty community.
We won't email you every time we post. Only our most important news occasionally.
Barracuda has been a pioneer in helping shape the bug bounty ecosystem that exists today. Since 2010, the IT security leader has been running its own bug bounty program on its networking and security appliance and VM products. We’re pleased to announce our partnership with Barracuda, who has moved their bug bounty program over to Read article →
Hello! I’m Kymberlee Price and I’m the newest addition to the Bugcrowd team. As the Senior Director of Operations I am responsible for the ongoing operational management, strategic growth, and skill development of Bugcrowd’s crowdsourced security research team and their functions. That is a fancy way of saying that I will be responsible for building Read article →
Perhaps you’ve heard of companies launching bug bounties in the news, or are looking to improve upon your current security assessment tools and services. Incentivizing security researchers to responsibly report vulnerabilities they discover for a reward provides an extra layer of security via crowdsourcing. Heroku, Twilio, Pinterest, and Dropcam are a small sample of proactive companies utilizing Read article →
In celebration of the 10 year anniversary of the Argentine security conference, ekoparty, Bugcrowd is doubling our payouts for the bugs submitted during the conference. From now until 21:10ART, Bugcrowd will pay out twice as much as the assigned reward money for the bug bounty program on our product. Check out our bounty page and Read article →
¡Bugcrowd está aprendiendo Español! Vamos a Argentina para ekoparty esta semana, y vamos a hablar con los investigadores argentinos, así que queríamos asegura que nuestro FAQ fue traducido al español también. Además, en un esfuerzo para hacer crecer con mayor precisión la base de talento investigador mundial, Bugcrowd ha comenzado a hacer su plataforma más Read article →
We recommend our researchers read this guide as it provides answers to common questions regarding bounties, submissions, and all relevant facets of the Bugcrowd portal bounty system. Are you a security researcher? Sign up and begin hunting for vulnerabilities today! General Questions Why Bugcrowd? Since 2012, Bugcrowd has been making it easier to disclose Read article →
When submitting vulnerabilities via the Bugcrowd’s Crowdcontrol platform, it’s important to ensure that you provide enough information for the vulnerability to be validated. Without this information, the submission may be delayed or incorrectly marked, resulting in issues with the submission process. Obviously this is something that affects both researchers and the bounty owner. Below we’ve Read article →
If you’ve been paying attention to your Bugcrowd researcher profile, you may have noticed it was recently updated with an Accuracy metric. Accuracy is a new measure of effectiveness we’ve rolled out across all profiles. It measures the ability of a researcher to identify and report vulnerabilities that are marked valid and eventually fixed. Below, Read article →
Today, Homeboy released their slick based battery-powered Wi-Fi cameras, which TechHive called what “could be the best home-security cameras yet”. What you probably haven’t heard is how Homeboy proactively tested the security of their cameras with 20 of Bugcrowd’s elite security researchers before launching. Bugcrowd security researcher Tobias Mccurry was one of the twenty that received a Homeboy camera before Read article →