Bugcrowd Blog

Case Study: Barracuda's Fully Managed Bug Bounty Program

Posted by Payton O'Neal on Mar 23, 2017 9:00:00 AM

In 2010, Barracuda Networks was one of the first organizations to launch a formal bug bounty program. Since then, Barracuda has paved the way for other organizations to launch programs in order to collaborate with the independent research community and improve their overall product security programs.

Read More

Evaluating the business impact of software vulnerabilities

Posted by David Baker on Mar 22, 2017 9:00:00 AM

Google recently announced that the company has raised its top reward for remote code execution bugs in its Google, Blogger and YouTube domains by 50 percent, saying "Because high-severity vulnerabilities have become harder to identify over the years, researchers have needed more time to find them. We want to demonstrate our appreciation for the significant time researchers dedicate to our program."

Read More
Interesting

Industry Spotlight: How Security Vendors Use Bug Bounty Programs

Posted by Payton O'Neal on Mar 21, 2017 8:49:19 AM

Bugcrowd bug bounty programs launched by security vendors have tripled over the past two years and represent the fifth largest industry on the Bugcrowd platform.

Read More
Case Study

Winner! February Thick Client Promotional Drawing

Posted by Chloe Brown on Mar 20, 2017 10:26:13 AM

Each quarter we challenge our crowd to submit bugs against some of our most difficult programs to be entered to win a cash bonus. This quarter, we've encouraged our crowd to submit bugs against thick client applications and have seen fantastic engagement; we saw an awesome 200% increase in valid submissions in February. 

Read More

In Response to the Department of Commerce's "Green Paper"

Posted by Jonathan Cran on Mar 17, 2017 1:24:02 PM

We recently contributed to the Department of Commerce’s request for public comment on its “Green Paper” with Rapid7, Duo Security, Electronic Frontier Foundation, Center for Democracy & Technology, Global Cyber Alliance and many others that we hope will bolster a more transparent approach to securing the Internet of Things.

Read More
Bugcrowd News

Bugcrowd's 2nd Annual Buggy Awards Closing

Posted by Abby Mulligan on Mar 16, 2017 12:14:41 PM

Today we aired our 2nd Annual Buggy Awards which recognized several organizations running bug bounty programs and several bug hunters who have contributed some fantastic research to the bug hunting community.

Read More

[Guest Blog] Bugcrowd’s Buggy Awards: Fitbit Takes Two!

Posted by Bugcrowd on Mar 16, 2017 12:13:04 PM

Appeared originally on the Fitbit Engineering Blog

Read More
Guest Blog

Recapping Nullcon 2017

Posted by Jay Turla on Mar 15, 2017 9:00:00 AM

Earlier this month, I had the opportunity to attend and present at Nullcon in Goa, India. Now in its seventh year, Nullcon was founded in 2010 with the idea of “providing an integrated platform for exchanging information on the latest attack vectors, zero day vulnerabilities and unknown threats.”

Read More

Big Bugs Podcast 7 | The World of CTFs w/ Special Guest

Posted by Jason Haddix on Mar 10, 2017 1:18:39 PM

This month we’re taking our ‘Big Bugs’ podcast out of hibernation for a special podcast on one of our favorite topics–Capture the Flag Competitions!

Read More

1Password increases highest reward to $100,000

Posted by Alyssa Habing on Mar 9, 2017 9:09:07 AM

Our customers are leaders when it comes to security; they understand the value of harnessing the power of the crowd and the creativity of thousands of researchers that think like the adversary. Password manager technology 1Password is no exception.

Read More