Bugcrowd Blog

Kymberlee Price

Recent Posts

Hack to Win a Blackphone 2

Posted by Kymberlee Price on Feb 22, 2016 1:34:30 PM

We are proud to partner with Silent Circle to offer the crowd an opportunity to earn a free Blackphone!  

Silent Circle launched their bounty program with Bugcrowd in September 2014, and continues their tradition of working collaboratively with, and rewarding security researchers for their vulnerability submissions. To that same end, this contest brings together Bugcrowd's security researcher community and Silent Circle's commitment to create and support secure products. 

Read More
Program Updates

December 2015 Hall of Fame

Posted by Kymberlee Price on Dec 31, 2015 3:37:00 PM

Bugcrowd is excited to announce our December 2015 Hall of Fame winners!  To thank our top performers for their hard work, Bugcrowd is pleased to announce that the following three researchers will receive bonuses for their performance.

Read More
Bugcrowd News

October & November 2015 Hall of Fame

Posted by Kymberlee Price on Dec 2, 2015 9:11:12 AM

Bugcrowd is excited to announce our October & November 2015 Hall of Fame winners! To thank our top performers for their hard work, Bugcrowd is pleased to announce that six researchers will receive bonuses for their performance.

Read More
Bugcrowd News

September 2015 Hall of Fame

Posted by Kymberlee Price on Oct 16, 2015 7:20:26 AM

September 2015 Hall of Fame announcement time! Big recognition goes to securityidiots, who topped the September leaderboard with 329 points earned through multiple P1 and P2 submissions.

Read More
Bugcrowd News

August 2015 Hall of Fame

Posted by Kymberlee Price on Sep 3, 2015 10:06:44 AM

It is time for the August 2015 Hall of Fame, our first month running with the new kudos points award model. Big recognition goes to harie_cool, who has topped the monthly leaderboard 2 months straight due to his solid string of P1 and P2 submissions.

Read More
Bugcrowd News

How We Measure Crowd Performance

Posted by Kymberlee Price on Aug 16, 2015 11:51:20 AM

Have you ever wondered how we measure Crowd performance? The first measure you probably think of is a researcher’s Rank, which is based on Kudos points.

Read More
Interesting, Bugcrowd News

Vulnerability Prioritization at Bugcrowd

Posted by Kymberlee Price on Aug 14, 2015 9:07:43 AM

The only way for a security team to effectively manage risk is vulnerability prioritization and management. There are many different prioritization models used across the industry that are based on vulnerability risk and impact. Without a clear prioritization model, how do you know what to fix first? Highest CVSS Score? FIFO? LIFO? Externally known issues? Whatever your prioritization plan is, it needs to be documented and updated as threats to your business change.

Read More
Bugcrowd News, Bug Hunter Tips and Tricks

July 2015 Hall of Fame

Posted by Kymberlee Price on Aug 13, 2015 8:08:22 AM

It is time for the July 2015 Hall of Fame, and this month we had an unusual situation. We ran an internal project for our Application Security Engineers, and jhaddix crushed it. But the performance bonus program is for the Crowd, not employees. As a result, in July we are awarding the 1st, 2nd, and 4th place researchers. To thank these individuals for their hard work, Bugcrowd is pleased to announce the following researchers will receive July 2015 performance bonuses:

Read More
Bugcrowd News

Earn Rewards up to $1000 for LastPass Vulnerabilities

Posted by Kymberlee Price on Jul 22, 2015 2:39:27 AM

LastPass is further deepening their commitment to application security and adding cash rewards up to $1,000 for the LastPass bounty program! As of 1600 GMT today, LastPass is now offering cash rewards from $50 to $1,000 for valid first to find vulnerabilities submitted through their Bugcrowd bounty program.

Read More
Program Updates

Come to the Bugcrowd AMA Lounge at Defcon!

Posted by Kymberlee Price on Jul 20, 2015 12:13:03 PM

Several weeks ago I blogged about a VIP Crowd party we are holding for researchers at Defcon, and said there would be many announcements to follow...

Read More
Conferences