Bugcrowd Blog

Payton O'Neal

Recent Posts

Bugcrowd's 2017 RSAC + BSides SF Recap

Posted by Payton O'Neal on Feb 17, 2017 2:28:36 PM
We made it through yet another week of craziness that is BSides SF and RSAC. Now we'd like to take a moment to give you a recap of what we were up to and what we enjoyed throughout the week...
Read More

Top 2017 AppSec Tools

Posted by Payton O'Neal on Jan 23, 2017 3:47:42 PM

At the close of 2016, we surveyed 100 CISOs and decision makers to get a sense of their 2017 security priorities. The full report will be released next week. In the meantime, you can learn more about a few of the top application security focus areas and challenges in our previous post. This post will build on those trends, diving into specific tools and best practices appsec organizations are using.

Read More

Case Study: Twilio's Bug Bounty Program Over the Years

Posted by Payton O'Neal on Jan 17, 2017 6:37:00 AM

After two and a half years of running an outstanding bug bounty program with Bugcrowd, we’d like to shine a spotlight on one of our most engaged customers–Twilio.

Read More
Case Studies

Top 2017 AppSec Challenges and Investment Areas

Posted by Payton O'Neal on Jan 11, 2017 12:37:37 PM

At the close of 2016, we surveyed 100 CISOs and decision makers to get a sense of their 2017 security priorities. The full report will be released at a later date. In the meantime, you can learn more about a few of the top application security focus areas and challenges in this post.

Read More

Case Study: The ROI of Okta's Bug Bounty Program

Posted by Payton O'Neal on Jan 5, 2017 11:21:42 AM

A few months ago we celebrated the launch of Okta's public bug bounty program after having run a private program for years. Today, we're taking a closer look at how their bug bounty program has influenced their application security program.

Read More
Case Studies

Bugcrowd in 2016: Transparency, Education, and Quality

Posted by Payton O'Neal on Dec 20, 2016 9:03:00 AM

It goes without saying that it has been a HUGE year for appsec. We’ve seen yet another record breaking year of breaches, we had the largest breach in recorded history–Yahoo, and we also witnessed the largest DDoS attack as far as we know at 1.2TB–Mirai. 

Read More
Bugcrowd News

2017 Predictions: Three Experts Discuss Security Challenges for the Coming Year

Posted by Payton O'Neal on Dec 14, 2016 1:36:31 PM

This week we chatted with three security heavyweights to talk about the top security risks and concerns in the upcoming year. The panel of industry experts includes Jeremiah Grossman, Founder of WhiteHat Security and Chief of Security Strategy with SentinelOne, Daniel Miessler, Project Leader: OWASP IoT Security Project and Richard Rushing, CISO at Motorola Mobility.

Read More

Bug Bounty Myth #7: Bounty programs are too hard to manage

Posted by Payton O'Neal on Dec 6, 2016 8:45:00 AM

Over the past months, we’ve addressed the bug bounty misconceptions outlined in our recent guide, 7 Bug Bounty Myths, Busted. So far we’ve...

Today we're taking a look at what it really takes to manage a bug bounty program in our last post in this series...

Read More
Running Your Own Program, Research and Reports

Case Study: Aruba's Private Bug Bounty Program

Posted by Payton O'Neal on Dec 1, 2016 8:01:00 AM
After over two years of running an outstanding bug bounty program with Bugcrowd, we’d like to give some recognition to one of our longest standing and committed customers–Aruba Networks.
 
Since 2014, Aruba has successfully leveraged Bugcrowd’s most skilled and trusted researchers through a private bug bounty program for their web applications and hardware devices. Download the Aruba Case Study to learn more about their success.

 

Read More
Case Studies

Bug Bounty Myth #6: Bug Bounties are too costly and hard to budget for.

Posted by Payton O'Neal on Nov 29, 2016 10:52:27 AM

In the past several weeks, we’ve been adressing the bug bounty misconceptions in our guide, 7 Bug Bounty Myths, Busted. So far we’ve...

Today we’re talking logistics around budget.

Read More
Running Your Own Program, Research and Reports