About 12 months after Bugcrowd started, one of our team pulled me aside and made a suggestion that truly altered the course of the company:
We are excited to announce the newest member of the Bugcrowd Board of Directors, industry icon and veteran driver of cybersecurity innovation, Art Coviello Jr.
Bugcrowd’s view has always been that the economic and resourcing model of the bug bounty programs pioneered by Netscape, Google and Facebook is more that just the “latest and greatest tech-company fad.” It’s a necessary and inevitable evolution in security assessment, and it’s benefits will impact the entire IT ecosystem.
2012 was the year that almost every industry, banking, education, government, big tech and even security, was hacked. Many, if not all of these companies were doing “all" they could to protect themselves against these hacks, and yet they were still left vulnerable. In direct response to this, 2012 was also the year we built Bugcrowd to beat an army of adversaries with an army of allies.
Let me say clearly and upfront: As the founder of a company that manages a community of security researchers, I empathize with Mary Ann Davies’ frustrations… but I also strongly disagree with her approach.
We are thrilled to announce our recent round of Series A funding. Led by Costanoa Venture Capital, along with Rally Ventures, Paladin Capital Group and Blackbird Ventures, we've raised $6 Million, bringing us to a total of $9 Million since our founding in late 2012.
Last week, Bugcrowd hosted OWASP Bug Week, an online competition for security researchers all over the world to find security bugs in live products. The researcher who found the "Best Bug" of the week won a badge to AppSecEU.
In celebration of the 10 year anniversary of the Argentine security conference, ekoparty, Bugcrowd is doubling our payouts for the bugs submitted during the conference. From now until 21:10ART, Bugcrowd will pay out twice as much as the assigned reward money for the bug bounty program on our product.
¡Bugcrowd está aprendiendo Español! Vamos a Argentina para ekoparty esta semana, y vamos a hablar con los investigadores argentinos, así que queríamos asegura que nuestro FAQ fue traducido al español también. Además, en un esfuerzo para hacer crecer con mayor precisión la base de talento investigador mundial, Bugcrowd ha comenzado a hacer su plataforma más fácil de usar para los investigadores latinoamericanos.
We recommend our researchers read this guide as it provides answers to common questions regarding bounties, submissions, and all relevant facets of the Bugcrowd portal bounty system.
When submitting vulnerabilities via the Bugcrowd's Crowdcontrol platform, it’s important to ensure that you provide enough information for the vulnerability to be validated. Without this information, the submission may be delayed or incorrectly marked, resulting in issues with the submission process. Obviously this is something that affects both researchers and the bounty owner.