Bugcrowd Blog

Writing successful bug submissions - Bug Bounty Hunter Methodology

Posted by Sam Houston on Feb 22, 2017 3:14:12 PM

This is the fourth post in our series: "Bug Bounty Hunter Methodology". Today's is a guest post from Scott Robinson, @sd_robs on Twitter and SRobin on Bugcrowd. Read on to learn how to write a successful bug submission. If you have any feedback, please tweet us at @Bugcrowd.  

Researcher Resources

Thick Client Promotion: Congratulations to our January Winner!

Posted by Chloe Brown on Feb 21, 2017 1:14:56 PM

Over the last few months, we've been challenging our crowd to submit bugs against some of our most challenging targets – thick client applications.

Bugcrowd News

Bugcrowd's 2017 RSAC + BSides SF Recap

Posted by Payton O'Neal on Feb 17, 2017 2:28:36 PM
We made it through yet another week of craziness that is BSides SF and RSAC. Now we'd like to take a moment to give you a recap of what we were up to and what we enjoyed throughout the week...

Product Security Challenges and Opportunities: Insights from Adobe's VP and CSO, Brad Arkin

Posted by Jason Haddix on Feb 16, 2017 9:00:00 AM

Last week we launched our 2017 CISO Investment Blueprint which analyzes survey responses from 100 security decision makers regarding the current state of application security. In addition to the survey results, we've chatted with several innovators in the security industry to get their thoughts on appsec today and the future.

Over the next couple of weeks, we'll be publishing these interviews, filled with insights around the challenges and opportunities present for security decision-makers in 2017. We welcome your feedback and observations as well! Tweet us or shoot us an email to share your thoughts.


Intercom launches public bug bounty; offers up to $1,500 per vulnerability

Posted by Bugcrowd on Feb 16, 2017 6:15:00 AM

Intercom, the customer messaging platform, launched its public bug bounty program today. The goal: to implement a secure development lifecycle and protect customer data. Intercom believes that the program is one of the best ways to address and stay on top of the latest cybersecurity challenges.

New Program Announcements

DigitalOcean launches public bug bounty with Bugcrowd

Posted by Bugcrowd on Feb 15, 2017 2:14:34 PM

Today, DigitalOcean launched its public bug bounty program. Building on the success of its private program, the public program allows DigitalOcean to focus internal resources on the demands of keeping the cloud secure, while letting researchers do what they do best. DigitalOcean now has access to Bugcrowd’s full crowd of researchers for an even wider breadth of skill sets to find vulnerabilities faster.

New Program Announcements

The Importance of Notes & Session Tracking - Bug Bounty Hunter Methodology

Posted by Sam Houston on Feb 14, 2017 1:10:13 PM

This is the third post in our series: "Bug Bounty Hunter Methodology". Today's is a guest post from ZephrFish, whom you can follow on Twitter at @ZephrFish. Read on to learn how to use notes and session tracking to make your bug bounty hunting more successful. If you have any feedback, please tweet us at @Bugcrowd.

Researcher Resources

Qualys and Bugcrowd: Automation and the Crowd

Posted by Jonathan Cran on Feb 13, 2017 6:03:00 AM

Today, I’m pleased to announce a partnership and bi-directional integration with Qualys. This integration – the first of its kind – allows our joint customers to easily share vulnerability data between our platforms.


Insights From AppSec Veteran, Richard Rushing

Posted by Jason Haddix on Feb 9, 2017 1:04:04 PM

Last week we launched our 2017 CISO Investment Blueprint which analyzes survey responses from 100 security decision makers regarding the current state of application security. In addition to the survey results, we've chatted with several innovators in the security industry to get their thoughts on appsec today and the future.

Over the next couple of months, we'll be publishing these interviews, filled with insights around the challenges and opportunities present for security decision-makers in 2017. We welcome your feedback and observations as well! Tweet us or shoot us an email to share your thoughts.


The Importance of Scope - Bug Bounty Hunter Methodology

Posted by Sam Houston on Feb 8, 2017 8:30:00 AM

This is the second post in our new series: "Bug Bounty Hunter Methodology". Today we explore bounty scopes, disclosure terms & rules, and how those guide you in your hacking. If you have any feedback, please tweet us at @Bugcrowd. 

Researcher Resources