Bugcrowd Blog

Payton O'Neal

Recent Posts

Bug Bounties vs. Penetration Testing: Misconception #1

Posted by Payton O'Neal on May 10, 2017 1:53:01 PM
Misconception: Bug bounty hunters are not as skilled as penetration testers. Even if they were, how can I trust them and control them?
Read More

[Webinar Recap] 3 Reasons to Swap Your Next Penetration Test for a Bug Bounty

Posted by Payton O'Neal on May 5, 2017 3:28:05 PM
Last Friday we took part in an SC Magazine webinar that examines the differences between penetration testing and bug bounties. Jason Haddix, former HP Fortify Pen Test Lead and now Head of Trust and Security at Bugcrowd, spoke with Wade Billings, VP of Technology Services at Instructure, the company behind learning management system Canvas
Read More

Illustrated Guide to Bug Bounties Step #3: Learnings

Posted by Payton O'Neal on Apr 25, 2017 8:03:41 AM

The bug bounty lifecycle is a very fluid process, from strategic planning and program launch to learning from and iterating your program. Get the illustrated guide below:

Read More
Running Your Own Program

Illustrated Guide to Bug Bounties Step #2: Launching

Posted by Payton O'Neal on Apr 18, 2017 10:09:32 AM

The bug bounty lifecycle is a very fluid process, from strategic planning to program launch to learning from and iterating your program. Get the illustrated guide below:

Read More

Illustrated Guide to Bug Bounties Step #1: Planning

Posted by Payton O'Neal on Apr 12, 2017 8:11:54 AM

The bug bounty lifecycle is a very fluid process, from strategic planning to program launch to learning from and iterating your program. Get the illustrated guide below:

Read More

[Guide] Learn How a Bug Bounty Can Actually Improve Your SDLC and Overall AppSec Strategy

Posted by Payton O'Neal on Apr 5, 2017 9:02:23 AM

Today we released a comprehensive guide on how bug bounties fit into organizations' application security strategies.

Read More

The Illustrated Guide to Planning, Launching and Iterating Your Bug Bounty Program

Posted by Payton O'Neal on Mar 28, 2017 9:00:00 AM

To run a successful and mutually beneficial bug bounty program, the work starts long before you launch your program and is a continuous learning experience.

Read More
Running Your Own Program, Infographics

Case Study: Barracuda's Fully Managed Bug Bounty Program

Posted by Payton O'Neal on Mar 23, 2017 9:00:00 AM

In 2010, Barracuda Networks was one of the first organizations to launch a formal bug bounty program. Since then, Barracuda has paved the way for other organizations to launch programs in order to collaborate with the independent research community and improve their overall product security programs.

Read More
Case Studies

Industry Spotlight: How Security Vendors Use Bug Bounty Programs

Posted by Payton O'Neal on Mar 21, 2017 8:49:19 AM

Bugcrowd bug bounty programs launched by security vendors have tripled over the past two years and represent the fifth largest industry on the Bugcrowd platform.

Read More
Case Studies

Learnings from Bugcrowd's 1st Hackathon!

Posted by Payton O'Neal on Feb 22, 2017 4:30:37 PM

Today we wrapped up our first company-wide Hackathon and I felt it worthy of a short blog while the judges deliberate over who had the best project… It’s not about winning anyways, right?

Read More