In the course of doing data validation in the final quarter of 2017, Bugcrowd engineers identified areas where submission data was not correctly updating. Because we value transparency, we have outlined the resolved changes below:
2017 was a fantastic year of growth for our researcher community and program owners alike, with 32% more submissions rewarded, a 25% increase to the average reward and 61% more total rewarded submissions! In 2017, 145 Researchers qualified into MVP status, and earned close to 44% of our 2017 total payouts, with a rewarded submission total of over $3 million!
Bugcrowd is pleased to recognize our December 2017 Hall of Fame winners!
Last week, David Baker (Bugcrowd’s Chief Security Officer) released a blog post discussing why it's important to understand researcher motivations in order to run a successful bug bounty program. Furthermore - to enable current and future customers to get a better handle on what drives security researchers at Bugcrowd - we released the Inside the Mind of a Hacker (version 2.0) report covering a broad range of metrics around who the Crowd is comprised of; including data on age, level of education, geographic location, and most importantly - what motivates us (and I use the term “us”, because I myself am a security researcher on Bugcrowd).
We are consistently asked “How Do I Earn Private Program Invitations?”
Hands down, this is our most commonly asked question from members of our Crowd, so we want to take this opportunity to reemphasize the most important information to keep an eye on if you’re looking to get invited to a private program.
Since 2015, we have consistently used the following performance and activity markers (+ any required technical skills!) to choose our program participants. The criteria we continue to use to determine invites:
The following is a guest blog post from Mert & Evren, two talented researchers from Turkey. IDOR vulnerabilities are of the higher impact and higher paying vulnerabilities for web bug bounties. This article explores what IDORs are and how to find them.
Bugcrowd is excited to announce our August 2017 Hall of Fame winners!
We'd like to welcome mongo back to the first place spot, with sandeepv in VERY close second, and one of our private users rounding out in third. To thank our top performers for their hard work, Bugcrowd is pleased to announce that all three researchers have received bonuses for their performance in the month of August.
At Bugcrowd, we’ve long said that managed bug bounty programs allow organizations of any size or stage of security maturity to realize the benefits of a bug bounty program. This is why we’ve provided managed programs from day one and why I’m especially excited by today’s news. Today we are recruiting for a Secret customer program with a top reward of $250K.
Bugcrowd is excited to announce our July 2017 Hall of Fame winners!
For the first time, we're happy to present ahmedehane in our top spot! Kudos to him as he was able to earn the top spot primarily through kudos programs :D - mongo was close behind in our second place spot, with jstnkndy in third! To thank our top performers for their hard work, Bugcrowd is pleased to announce that all three researchers have received bonuses for their performance in the month of July.