Bugcrowd Blog

[Guest Blog] Calling all bug hunters: Sophos teams up with Bugcrowd

Posted by Bugcrowd on Apr 26, 2017 12:07:28 PM

This post originally appeared on the Sophos Blog here.


Adversarial relationships between vendors and security researchers used to be common. Researchers would report a bug and the vendor – not all but certainly more than a few – would drag its feet in patching the problem. Then, the researcher would make the findings public and the vendor would criticize them for releasing information attackers could exploit.


Illustrated Guide to Bug Bounties Step #3: Learnings

Posted by Payton O'Neal on Apr 25, 2017 8:03:41 AM

The bug bounty lifecycle is a very fluid process, from strategic planning and program launch to learning from and iterating your program. Get the illustrated guide below:

Running Your Own Program

Payday is Moving to Wednesday!

Posted by Kaila Pollart on Apr 24, 2017 10:30:06 AM

Fridays have long been a day to look forward to for Bugcrowd researchers; now researchers can look forward to getting paid on Wednesdays!

Researcher Resources

Product Update: Vulnerability Management Made Easy with the Most Intuitive and Efficient Bi-Directional JIRA Integration

Posted by Travis Andrade on Apr 20, 2017 12:00:00 PM

We are proud to announce the most intuitive and efficient bi-directional JIRA integration for bug bounty programs!

Product Updates

A Look Inside: Bug Bounties vs. Penetration Testing

Posted by Casey Ellis on Apr 19, 2017 1:01:19 PM

Can bug bounty programs replace penetration tests?

This question has come up a lot in the past several months and today we released a guide that begins to answer it.

Running Your Own Program

Illustrated Guide to Bug Bounties Step #2: Launching

Posted by Payton O'Neal on Apr 18, 2017 10:09:32 AM

The bug bounty lifecycle is a very fluid process, from strategic planning to program launch to learning from and iterating your program. Get the illustrated guide below:


Illustrated Guide to Bug Bounties Step #1: Planning

Posted by Payton O'Neal on Apr 12, 2017 8:11:54 AM

The bug bounty lifecycle is a very fluid process, from strategic planning to program launch to learning from and iterating your program. Get the illustrated guide below:


NEW Researcher Dashboard Delivers Actionable Performance Metrics

Posted by Travis Andrade on Apr 6, 2017 10:30:00 AM

Bugcrowd now delivers actionable performance metrics to the crowd!

Product Updates

[Guide] Learn How a Bug Bounty Can Actually Improve Your SDLC and Overall AppSec Strategy

Posted by Payton O'Neal on Apr 5, 2017 9:02:23 AM

Today we released a comprehensive guide on how bug bounties fit into organizations' application security strategies.


How does a bug bounty fit into my SDLC?

Posted by Jonathan Cran on Apr 4, 2017 2:36:04 PM

"How does a bug bounty fit into my SDLC?" This is a question we hear all the time. While the obvious answer is that it can augment or replace much of your current manual and automated testing, the actual answer is simpler: "bug bounties fit into and support your SDLC each step of the way."
