Bugcrowd Blog

3,2,1… BSidesLV, Black Hat and DEF CON 2017 Wrap Up

Posted by Casey Ellis on Aug 7, 2017 1:30:00 PM

BSidesLV, Black Hat and DEF CON week is “that time of year” in the security industry; when hackers, suits, feds and anyone else interested in our craft descend on Las Vegas. The goal? To teach, demonstrate, learn, connect, and enjoy the company of fellow members of the village.

Read More
Conferences, events

Dash Launches Bug Bounty Program with Bugcrowd

Posted by Jim Bursch on Aug 7, 2017 10:35:00 AM
This week, the  Dash  Bug Bounty program launched privately on the Bugcrowd  platform, which means selected Bugcrowd researchers have been invited to study the  Dash  Core software for the purpose of identifying bugs and vulnerabilities.

For the first couple of weeks the program will run privately, and then it will be opened to the public so that any white-hat hacker or security researcher can participate in the bug bounty program, and strengthen  Dash 's overall security.

Initially, the range of bounties is set at $100-$10,000 but by the time the program goes public, cyber security experts may earn as much $15,000 for identifying significant bugs. Thanks to the funding provided by  Dash  Masternode Operators (MNOs) through the  Dash  Budget system,  Dash  will have one of the best funded bug bounty programs in the cryptocurrency industry, run by the leading company in the space. 

In addition to the  Dash  Core software, other applications will be added to the bug bounty program after consultation with the Core Team. For example, the CoPay wallet may be added after launch, as well as  Dash  Evolution.

The Dash Bug Bounty program is a DashIncubator project managed by Jim Bursch. The program is coordinated with the Dash Core Team through Holger Schinzel, who leads quality assurance. We greatly look forward to our partnership with Bugcrowd, and providing our users with a safer, more secure network.
Read More
Program Launches

Quickly Identify and Take Action with Bugcrowd's Slack Integration

Posted by Travis Andrade on Aug 4, 2017 9:00:00 AM

The release of our newest integration with Slack now allows you to receive actionable bounty notifications immediately!

Organizations continue to transition to an agile software development lifecycle in today’s fast paced market where there is an increased need for developing applications quickly, efficiently, and securely. Our platform, Crowdcontrol, enables companies to seamlessly implement bug bounty programs into their SDLC by integrating with their everyday tools, such as Slack, to ensure organizations release secure software fast.

Read More
Product Updates

July 2017 Hall of Fame Winners!

Posted by Kaila Pollart on Aug 2, 2017 12:30:00 PM

Bugcrowd is excited to announce our July 2017 Hall of Fame winners! 

For the first time, we're happy to present ahmedehane in our top spot! Kudos to him as he was able to earn the top spot primarily through kudos programs :D - mongo was close behind in our second place spot, with jstnkndy in third! To thank our top performers for their hard work, Bugcrowd is pleased to announce that all three researchers have received bonuses for their performance in the month of July.

  1. ahmedehane - 1474 points - $2,500 bonus 
  2. mongo - 1172 points - $1,500 bonus
  3. jstnkndy - 340 points - $1,000 bonus
Read More
Researcher Resources

Bromium Launches Private Bug Bounty Program

Posted by Gavin Hill on Aug 1, 2017 11:52:10 AM

For too long, security has been an inhibitor for end users. In fact, in our recent survey, we found that 94% of security professionals are more concerned about getting work done than about security. Security should not limit the business, it should enable it.

Read More
Program Launches

It Really Does Take A Crowd; LevelUp Recap

Posted by Sam Houston on Jul 21, 2017 3:36:20 PM

In the past year we’ve seen the Bugcrowd community more than double to more than 60,000 researchers, up from 26,782 at the beginning of 2016. With this growth comes the increasing responsibility to educate and foster the professional growth that our researchers seek every day.

Read More
Conferences, Researcher Resources, Research and Reports

Vegas; Here We Come!

Posted by Bugcrowd on Jul 17, 2017 2:40:52 PM

We are just one week away from one of the busiest and most hectic weeks of the year - BSides, Black Hat and DEF CON in Las Vegas! Are you excited? We are!

Read More
Bugcrowd News, events

Why You Can’t Ignore the Economics of a Bug Bounty

Posted by David Baker on Jul 14, 2017 11:48:06 AM

It’s common knowledge that the security industry has been facing a massive shortage of resources. Add the fact that companies are accelerating their cloud presence and growing an API ecosystem of their own. CISOs are up-leveling their security strategy by adding bug bounty programs to their toolbox.  

Read More
Interesting, Running Your Own Program, Research and Reports

Why We’re Letting 60,000 Bugcrowd Security Researchers Ethically Hack Us

Posted by Matthew Hart on Jul 12, 2017 9:04:47 AM

At Atlassian, security is baked into the product development lifecycle. We employ an entire team of security engineers who build threat models, review code, and test our systems. Building and maintaining products that keep our customers safe is a team effort.

Read More
Guest Blog, Program Launches

Bigger Bugs, Bigger Payouts, More Managed Programs

Posted by Ryan Black on Jul 7, 2017 12:16:44 PM

Last week, we released our third annual State of Bug Bounty Report. We were really excited to see the momentum around enterprise adoption, and this year’s report highlights not only the continued growth of the bug bounty model, but also the economics around bug bounty payouts, trends in vulnerabilities, and the continued growth of the crowd.

Read More
Research and Reports