As promised in our previous blog, Jason Haddix -Director of Technical Operations- is doing an unedited series on using Burp Suite, a very useful tool when searching for Bug Bounties. This video is the first in a month long series. If you have any questions about the tutorial or need help, join us on the Read article →
Keep track of the latest security news, and in touch with the bounty community.
We won't email you every time we post. Only our most important news occasionally.
Burp Suite Tutorial Series Bugcrowd loves it’s researcher and technical community. One responsibility we feel we have here is to empower that community. As a part of this effort we plan to roll out some free training and professional development material. These videos will be free of charge and are aimed at exploring useful practices Read article →
Barracuda Networks has been paving the way for crowdsourced security since 2010, when they one of just a handful of companies to start a bug bounty program. Since then the Barracuda bug bounty program has evolved and matured, and we had the opportunity to hear about it first hand. If you’re not familiar with the company, Barracuda provides security, Read article →
[Today I’d like to introduce you to Bugcrowd member Ciaran McNally. (maK0) As a freelance security consultant as well as entrepreneur, Ciaran has helped improve the security of many organizations. We are honored to share is thoughts and experience on how organizations can increase their overall security. Thanks!
Today I thought it would be interesting to our Crowd members to take a look at private bounty program invitations. With both public and private bounty programs and over 17,000+ security researchers, how does Bugcrowd choose who to invite to a private program? Is there a secret handshake? A password to a private clubhouse? Do I roll the dice?
Black Hat USA, DEFCON, and BSides Las Vegas are coming up soon, and we have a lot planned for both the Crowd and our customers. There are many announcements to follow, but this is one that can’t wait. Come hang out with great security researchers and the Bugcrowd team for drinks, food, and a few surprises. Read article →
It is time for the May 2015 Hall of Fame, and this month was a close race for the top 3 spots with just 8 points between 1st and 3rd place. To thank these individuals for their hard work, Bugcrowd is pleased to announce they’ll receive performance bonuses. 1.NahtnahS – 152 points – $2,500 bonus 2. Harie_cool – 146 points Read article →
Bugcrowd is excited to announce three new ongoing bounty programs launching at RVAsec Bug Bash and CTF today! ISC2 The International Information Systems Security Certification Consortium (ISC)2 is a non-profit organization which specializes in information security education and certifications. In April 2013, we announced that Bugcrowd bug bounty program participation was an eligible (ISC)2 “continuing professional Read article →
One thing we like to highlight at Bugcrowd is creating lasting positive relationships between clients and talented researchers. Today one of our crowd, Duarte Silva, released some of his work on reverse engineering Aruba Networks ArubaOS Firmware package.
Last Wednesday, Keren Elazari, our friend and cybersecurity expert, joined Bugcrowd Founder and CEO for an in-depth webinar. The two spent an hour discussing the ins and outs of bug bounty programs, with a focus on the many myths associated with bug bounties, as well as the value they create for businesses. Between Keren and Read article →