As a founder there is nothing better than watching the company I started grow and evolve. In the four and a half years I’ve watched Bugcrowd grow by leaps and bounds - the team has grown threefold in the past year alone. While our guiding principles, core values, and vision of the future of cybersecurity remain unchanged, today we have evolved as an organization. To use a much-used term from the early aughts, we are now very much Bugcrowd 2.0, and I’m proud to announce a brand-new website that reflects just that.
Our goal for this conference is to create opportunities for researchers to learn and level-up their skills. We're also working on ways that we can help researchers network and meet one another during the conference.
We recently contributed to the Department of Commerce’s request for public comment on its “Green Paper” with Rapid7, Duo Security, Electronic Frontier Foundation, Center for Democracy & Technology, Global Cyber Alliance and many others that we hope will bolster a more transparent approach to securing the Internet of Things.
Last week we announced the categories for our 2nd Annual Buggy Awards which will award a select group of individuals and organizations in the bug bounty space. Today we’re pleased to announce the finalists in these categories in anticipation of the awards ceremony next week.
These finalists represent just a handful of organizations and individuals that make this economy so vibrant and we are thankful to the entire bug bounty community.
We are pleased to announce the categories for this year’s Buggy Awards. These awards represent a select group of individuals and organizations who have done fantastic work in the bug bounty space in the past year.
These awards highlight the achievements of top performing customers and researchers and serve as a reminder about what is essential to maintaining the health of the community as a whole.
Yesterday a vulnerability in Cloudflare CDN and DDoS prevention service was disclosed by Google's Project Zero. The blog post stated that an HTML parser for specific Cloudflare features was vulnerable to leaking sensitive information of other Cloudflare customers.
Over the last few months, we've been challenging our crowd to submit bugs against some of our most challenging targets – thick client applications.
It goes without saying that it has been a HUGE year for appsec. We’ve seen yet another record breaking year of breaches, we had the largest breach in recorded history–Yahoo–, and we also witnessed the largest DDoS attack as far as we know at 1.2TB–Mirai.