Keep track of the latest security news, and in touch with the bounty community.

Burp Suite Tutorial: 1

As promised in our previous blog, Jason Haddix -Director of Technical Operations- is doing an unedited series on using Burp Suite, a very useful tool when searching for Bug Bounties. This video is the first in a month long series. If you have any questions about the tutorial or need help, join us on the Read article →

Hacking With Burp Suite- JHaddix

Burp Suite Tutorial Series Bugcrowd loves it’s researcher and technical community. One responsibility we feel we have here is to empower that community. As a part of this effort we plan to roll out some free training and professional development material. These videos will be free of charge and are aimed at exploring useful practices Read article →

Build or Buy: The Barracuda Bug Bounty Story [Webinar]

Barracuda Networks has been paving the way for crowdsourced security since 2010, when they one of just a handful of companies to start a bug bounty program. Since then the Barracuda bug bounty program has evolved and matured, and we had the opportunity to hear about it first hand. If you’re not familiar with the company, Barracuda provides security, Read article →

Advice From A Researcher: Protecting Your Dev Environments

[Today I’d like to introduce you to Bugcrowd member Ciaran McNally. (maK0)  As a freelance security consultant as well as entrepreneur, Ciaran has helped improve the security of many organizations. We are honored to share is thoughts and experience on how organizations can increase their overall security.  Thanks! 

A Look at Private Bounty Program Invitations

Today I thought it would be interesting to our Crowd members to take a look at private bounty program invitations. With both public and private bounty programs and over 17,000+ security researchers, how does Bugcrowd choose who to invite to a private program?  Is there a secret handshake? A password to a private clubhouse?  Do I roll the dice?

Bugcrowd VIP Party at DEFCON 2015

Black Hat USA, DEFCON, and BSides Las Vegas are coming up soon, and we have a lot planned for both the Crowd and our customers.  There are many announcements to follow, but this is one that can’t wait. Come hang out with great security researchers and the Bugcrowd team for drinks, food, and a few surprises. Read article →

May 2015 Hall of Fame

It is time for the May 2015 Hall of Fame, and this month was a close race for the top 3 spots with just 8 points between 1st and 3rd place.  To thank these individuals for their hard work, Bugcrowd is pleased to announce they’ll receive performance bonuses. 1.NahtnahS – 152 points – $2,500 bonus 2. Harie_cool – 146 points Read article →

New Ongoing Bounty Programs Launching at RVAsec Bug Bash!

Bugcrowd is excited to announce three new ongoing bounty programs launching at RVAsec Bug Bash and CTF today!   ISC2 The International Information Systems Security Certification Consortium (ISC)2 is a non-profit organization which specializes in information security education and certifications. In April 2013, we announced that Bugcrowd bug bounty program participation was an eligible (ISC)2 “continuing professional Read article →

Adventures in Reverse Engineering

One thing we like to highlight at Bugcrowd is creating lasting positive relationships between clients and talented researchers. Today one of our crowd, Duarte Silva, released some of his work on reverse engineering Aruba Networks ArubaOS Firmware package.

“Bugs Happen” – Analyst Moderated Webinar on Bug Bounties

Last Wednesday, Keren Elazari, our friend and cybersecurity expert, joined Bugcrowd Founder and CEO for an in-depth webinar. The two spent an hour discussing the ins and outs of bug bounty programs, with a focus on the many myths associated with bug bounties, as well as the value they create for businesses. Between Keren and Read article →