Bugcrowd Blog


Recent Posts

[Guest Blog] Calling all bug hunters: Sophos teams up with Bugcrowd

Posted by Bugcrowd on Apr 26, 2017 12:07:28 PM

This post originally appeared on the Sophos Blog here.

Adversarial relationships between vendors and security researchers used to be common. Researchers would report a bug and the vendor – not all but certainly more than a few – would drag its feet in patching the problem. Then, the researcher would make the findings public and the vendor would criticize them for releasing information attackers could exploit.

Read More

[Guest Blog] Bugcrowd’s Buggy Awards: Fitbit Takes Two!

Posted by Bugcrowd on Mar 16, 2017 12:13:04 PM

Appeared originally on the Fitbit Engineering Blog

Read More
Guest Blog

Intercom launches public bug bounty; offers up to $1,500 per vulnerability

Posted by Bugcrowd on Feb 16, 2017 6:15:00 AM

Intercom, the customer messaging platform launched its public bug bounty program today. The goal: to implement a secure development lifecycle and protect customer data. Intercom believes that the program is one of the best ways to address and stay on top of the latest cybersecurity challenges.

Read More
New Program Announcements

DigitalOcean launches public bug bounty with Bugcrowd

Posted by Bugcrowd on Feb 15, 2017 2:14:34 PM

Today, DigitalOcean launched its public bug bounty program. Building on the success of its private program, the public program allows DigitalOcean to focus internal resources on the demands of keeping the cloud secure, while letting researchers do what they do best. DigitalOcean now has access to Bugcrowd’s full crowd of researchers for an even wider breadth of skill sets to find vulnerabilities faster.

Read More
New Program Announcements

NETGEAR®, Inc. Launches Public Bug Bounty Program

Posted by Bugcrowd on Jan 9, 2017 7:10:09 PM

We're excited to share that NETGEAR®, Inc. has launched a public bug bounty program with us to help them stay in front of the latest threats and improve the security of the company's products. 

Read More
New Program Announcements

Instructure launches Private Bug Bounty Program

Posted by Bugcrowd on Feb 5, 2015 3:58:54 AM

Instructure has leveled up its security practices yet again - we're now proud to announce the launch of their private bug bounty program.

Read More
Bugcrowd News, Running Your Own Program

Increasing pen test results by 8x: The Instructure Story

Posted by Bugcrowd on Feb 5, 2015 3:04:00 AM

Since 2011, Instructure has proactively publicized the results of their annual penetration test reports to provide transparency around the security of their learning management system. From 2011 to 2013, these pen tests discovered an average 7.6 valid vulnerabilities each year.

Read More
Running Your Own Program

The Barracuda Bug Bounty Story

Posted by Bugcrowd on Dec 17, 2014 1:11:48 AM

Barracuda has been a pioneer in helping shape the bug bounty ecosystem that exists today. Since 2010, the IT security leader has been running its own bug bounty program on its networking and security appliance and VM products.

Read More
Running Your Own Program, New Program Announcements

5 Reasons to Crowdsource your Security Testing

Posted by Bugcrowd on Nov 10, 2014 7:17:31 AM

Perhaps you’ve heard of companies launching bug bounties in the news, or are looking to improve upon your current security assessment tools and services.

Read More
Running Your Own Program

Testing Homeboy as a security researcher - My experience

Posted by Bugcrowd on Oct 21, 2014 3:26:15 AM

Read More
Bugcrowd News