Each quarter we challenge our crowd to submit bugs against some of our most difficult programs to be entered to win a cash bonus. This quarter, we've encouraged our crowd to submit bugs against thick client applications and have seen fantastic engagement; we saw an awesome 200% increase in valid submissions in February.
Over the last few months, we've been challenging our crowd to submit bugs against some of our most challenging targets – thick client applications.
Throughout October, November and December 2016, we challenged our crowd to submit bugs against some challenging targets–thick client applications. Previously we announced our October and November winners and today we’re excited to announce our two final two winners:
Throughout October, November and December 2016, we've challenged our crowd to submit bugs against some challenging targets–thick client applications. Learn more about the competition here.
Throughout June, July and August 2016, we ran a researcher promotion focused on mobile targets and we are thrilled today to finally be able to announce the winners:
As the bug bounty space has matured, the range of targets to test against has expanded and diversified incredibly. Our programs offer a broad range of targets, from web and mobile, to APIs and IoT devices (even cars)! Over the last several months, Bugcrowd has launched more and more bounty programs that feature thick client applications.
Whether you have skills in testing thick client software, or want to expand your expertise, Bugcrowd has several public programs and numerous private programs available for you to hack on for fun and profit. This quarter we're running a limited time promotion for all submissions found in thick client applications.
We take the security research community seriously and appreciate the valuable time spent participating in Bugcrowd programs. Each submission is reviewed with the respect that it deserves, and we have a commitment to set researchers up for success as reports move through the review process. This entails understanding the submission review process, respecting bounty guidelines, and effectively communicating with program owners and the Bugcrowd Application Security Engineering (ASE) team.
In April we announced a Mobile bonus reward program for researchers that submitted valid, non-duplicate mobile vulnerabilities for a chance to win $1000, and in early June we expanded the program to two bonuses. We are excited to announce our two winners, and congratulate putsi and robinooklay for their mobile submissions!