Bugcrowd is a proud sponsor of Nullcon 2015 which is rapidly approaching! We’re working with some of the best researchers from the Bugcrowd community to host a Bug Bash at Nullcon on February 7th. Meet and learn from some of the best researchers in the world, and compete to rise to the top of the Bug Read article →
Keep track of the latest security news, and in touch with the bounty community.
We won't email you every time we post. Only our most important news occasionally.
[Bugcrowd is a proud sponsor of Nullcon 2015, which is rapidly approaching! While we are hard at work preparing to host an awesome Bug Bash event, we want to introduce you to a few of our outstanding Crowd members in India that will be on the ground helping all the Nullcon Bug Bash participants to Read article →
[The Shmoocon presentations I recommended last week did not disappoint, and I’m excited to have the opportunity to share some of the great research I saw there with Bugcrowd customers and Crowd members. This tool released by Justin Kennedy and Steve Breen can be used by both Red Teams and Blue Teams. Enjoy! ~Kymberlee] Guest Blog: httpscreenshot – Read article →
Ready to do some bounty hunting? Great! Whether this is your 1st time or your 500th, the first thing to do when you sit down to the computer is read the Bounty Brief. Maybe you’ve read the Bounty Brief for the program before, or you just want to get down to hacking… but always be sure you read Read article →
Every year, with rare exception, I make the trip to Washington DC for Shmoocon. Now in its 11th year, this conference is one of my very favorites. Not only are the talks fantastic, but the community is amazing. There are so many activities that go on throughout the conference! Whether it is Fire Talks, Read article →
Recently Geekspeed discussed the importance of well written repro steps when he shared his tips on writing a great vulnerability submission. Digging deeper into that, I’d like to reference a great blogpost by Planet Zuda on Writing a Proof of Concept For Security Holes. ~Kymberlee Republished with permission from: http://planetzuda.com/2014/12/29/how-to-write-a-good-proof-of-concept-for-security-holes/ How To Write a Proof Of Read article →
[note: Happy New Year Bugcrowd researchers! Once you’ve read the Submission Accomplished blogpost for vulnerability reporting 101, this guest blogpost is recommended reading to help you write effective reports on the vulnerabilities you find. ~Kymberlee] Guest Blog: Geekspeed’s Advice for Writing a Great Vulnerability Report by: John Stauffacher No lie, it took me eight nine Read article →
As the Holiday season and New Year’s quickly approaches, it’s a perfect time to reflect on some lessons learned this year. One in particular that has been top of mind as the Bug Bounty craze has grown this year isn’t what makes a program successful, but what makes a Bug Bounty program fail. As with Read article →
Hi everyone, I’m Sam Houston. I recently joined the Bugcrowd team as Community Coordinator, a job title that basically means I’ll be working with and alongside Bugcrowd researchers to foster community engagement and growth. But what does that mean?
Last week, Bugcrowd hosted OWASP Bug Week, an online competition for security researchers all over the world to find security bugs in live products. The researcher who found the “Best Bug” of the week won a badge to AppSecEU. To celebrate Bug Week, we also hosted a Bug Bash at our headquarters in San Francisco with Read article →