Bugcrowd Blog

Setting the Bar High for Bug Bounty Triage and Validation

Posted by Ryan Black on Jan 22, 2018 3:35:30 PM

Running a bug bounty program on your own is difficult. Imagine receiving hundreds of vulnerability submissions weekly, many of them unimportant, and many of them duplicates of known vulnerabilities. Once you weed through those submissions, you'll have to respond where needed, prioritize by impact, and determine what each one is worth. Then you'll have to file a ticket to make sure it gets fixed and, the most fun part of all, pay the researcher, which, as you can imagine, may get tricky.


Leveraging Policy and a Purpose-built Platform to Steer the Ship in SecOps

Posted by Ryan Black on Dec 4, 2017 9:03:00 AM

Crowdsourced security testing and vulnerability disclosure programs require the right combination of policy, resources, and support to be successful. Bugcrowd's leading platform and team bring years of experience facilitating success with white-glove management of these programs. From policy design and launch to submission management, our Operations team is a close partner of our talented researcher community and customers.
