Bugcrowd Blog

Travis Andrade

Recent Posts

New Feature: Traffic Control Provides Unprecedented Coverage and Control for Crowdsourced Security Testing

Posted by Travis Andrade on Dec 19, 2017 10:30:00 AM

Bugcrowd has done it again! Today we announced an innovative enhancement to Crowdcontrol–introducing Traffic Control, a proprietary feature built to deliver a solution for secure crowdsourced security testing.

Product Updates

Bugcrowd Introduces a New, Intuitive Submission Search Bar

Posted by Travis Andrade on Nov 21, 2017 8:00:00 AM

We are excited to introduce new submission search and filtering capabilities to Crowdcontrol, built to optimize the time you spend finding submissions.

Over the last three years, we have seen a steady rise in vulnerability submissions, with a 67% increase in submissions year over year and a 73% increase in valid submissions. What is driving this steady rise? Our recent “2017 State of the Bug Bounty Report” discusses bounty adoption growth, citing a 77% increase in new programs over the last year. Of all the programs we run, 44% are for organizations larger than 500 employees. Oftentimes, organizations of this size have much larger attack surfaces, which can result in a high rate of submissions. To keep up with this increase in activity, our users need novel ways to query their submissions.

Since the 1990s, the internet has been filling our digital world with an overwhelming amount of content, right at our fingertips. However, because of the sheer volume, much of this content isn’t applicable to you. So where do you go to easily find relevant information that yields the most value? Google, of course! In 1998, the company invented a simple solution to filter through a massive amount of data to find exactly what you are looking for, and fast!

Just as Google helps you find the most relevant content based on a simple search, Crowdcontrol now allows you to find the exact submission you are looking for. We recognize each user on Bugcrowd is unique, whether you are a researcher or a customer; a query that is important to one organization may not be important to another. With that in mind, Crowdcontrol’s new submission filtering offers a tokenized search capability, allowing you to easily search and find specific submissions.

Product Updates

Consistency is Key: Aligning Bugcrowd’s VRT with CVSS

Posted by Travis Andrade on Oct 10, 2017 10:00:00 AM

We are proud to announce the newest Crowdcontrol update, which now maps the open standard Vulnerability Rating Taxonomy (VRT) to the Common Vulnerability Scoring System (CVSS) v3, allowing organizations to manage submission severity with CVSS v3!

Product Updates

Cut Through The Noise; The Value of a Disclosure Program

Posted by Travis Andrade on Sep 27, 2017 10:00:00 AM

In talking with our customers, and particularly larger customers, we often hear of the need to establish an open, public, and passive channel for vulnerability disclosure from their users, customers, and the broader security community. These customers aren’t always ready for a public bug bounty but they may already have an existing security@ email address. They often have an existing security page and want the ability to accept disclosures directly from their website.

Product Updates

Quickly Identify and Take Action with Bugcrowd's Slack Integration

Posted by Travis Andrade on Aug 4, 2017 9:00:00 AM

The release of our newest integration with Slack now allows you to receive actionable bounty notifications immediately!

Organizations continue to transition to an agile software development lifecycle in today’s fast-paced market, where there is an increased need for developing applications quickly, efficiently, and securely. Our platform, Crowdcontrol, enables companies to seamlessly implement bug bounty programs into their SDLC by integrating with their everyday tools, such as Slack, to ensure organizations release secure software fast.

Product Updates

June 2017 Hall of Fame Results!!

Posted by Travis Andrade on Jul 6, 2017 10:10:35 AM

Bugcrowd is excited to announce our June 2017 Hall of Fame winners! 

At the top, mongo is in our first place spot again :), with Web_Plus following closely behind in second and ahmedehane rounding out our top three! To thank our top performers for their hard work, Bugcrowd is pleased to announce that all three researchers have received bonuses for their performance in the month of June.

  1. mongo - 844 points - $2,500 bonus 
  2. Web_Plus - 813 points - $1,500 bonus
  3. ahmedehane - 602 points - $1,000 bonus

Researcher Resources

Bugcrowd’s Spring Release Ensures the Long-Term Success of Bug Bounty Programs

Posted by Travis Andrade on Jun 22, 2017 1:08:35 PM

Our 2017 Spring Product Release improves vulnerability management for the enterprise and supports the long-term success of both security teams and researchers.

Product Updates

Bug Bounties vs. Penetration Testing: Misconception #2

Posted by Travis Andrade on May 31, 2017 4:40:24 PM

Misconception: With a bug bounty, you cannot receive the same coverage or caliber of testing methodologies as with penetration tests.

Track Vulnerability Trends and Drive Action with Updated Insights Dashboard

Posted by Travis Andrade on May 15, 2017 1:04:36 PM

Announcing a major update to our program reporting within the Insights dashboard.

Product Updates

Product Update: Vulnerability Management Made Easy with the Most Intuitive and Efficient Bi-Directional JIRA Integration

Posted by Travis Andrade on Apr 20, 2017 12:00:00 PM

We are proud to announce the most intuitive and efficient bi-directional JIRA integration for bug bounty programs!

Product Updates