Bugcrowd Blog

[Guest Blog] EARN CPES WITH BUG BOUNTY

Posted by Bugcrowd on Jun 14, 2017 8:25:34 AM

This post original ran on the (ISC)² blog on June 1, 2017:

Since 2013, (ISC)² has been a partner of Bugcrowd, running a public bug bounty program and offering CPE credits to our members. Bugcrowd is a leading provider of crowdsourced security and bug bounty programs, connecting organizations with more than 50,000 independent security researchers to identify vulnerabilities. As an (ISC)² member, you can participate in Bugcrowd’s bug bounty programs in exchange for CPE credits.

We encourage you to participate in this program to continue honing your security skills, and to apply those skills to help inspire a safe and secure cyber world.  

To participate,

  1. Sign up as a Bugcrowd researcher at bugcrowd.com
  2. Find a bug in one of Bugcrowd’s bug bounty programs, including the (ISC)² Bug Bounty Program
  3. Earn up to 5 CPE credits for each valid bug found, depending on the severity of the vulnerability
  4. Enter your (ISC)² member number in your submission form, so that Bugcrowd can submit your contributions at the end of the month

Members who participate in the program can earn as many as 15 CPE credits each year. As a security-centric organization, Bugcrowd values and encourages independent security research, even on their own products. Their bug bounty program helps them connect with the research community, and provides their organization with constant security feedback.

Keep your skills sharp and keep our site – and others – secure with the bug bounty program.

Learn more about the Bugcrowd and (ISC)² partnership

 

 

Read More
Researcher Resources

Thick Client Promotion: Q1 Final Winners

Posted by Chloe Brown on May 2, 2017 10:03:28 AM

For the last two quarters , we've challenged our crowd to report vulnerabilities against the toughest targets our programs have to offer–thick client applications. Bounties that fall into this category include Avira (client software), AVG Technologies (client-side application), OWASP ZAP (desktop application) and several private programs.

Learn more about the promotion here

Read More
Researcher Resources

Payday is Moving to Wednesday!

Posted by Kaila Pollart on Apr 24, 2017 10:30:06 AM

Fridays have long been a day to look forward to for Bugcrowd researchers; now researchers can look forward to getting paid on Wednesdays! 🐫

Read More
Researcher Resources

How to use Bug Bounties to Build Your Career - Bug Bounty Hunter Methodology

Posted by Sam Houston on Feb 27, 2017 4:08:54 PM

This is the fifth post in our series: "Bug Bounty Hunter Methodology". Read on to learn how you can use bug bounties to build and grow a successful penetration testing or bug hunting career. If you have any feedback, please tweet us at @Bugcrowd.  

Read More
Researcher Resources

Writing successful bug submissions - Bug Bounty Hunter Methodology

Posted by Sam Houston on Feb 22, 2017 3:14:12 PM

This is the fourth post in our series: "Bug Bounty Hunter Methodology". Today's is a guest post from Scott Robinson, @sd_robs on Twitter and SRobin on Bugcrowd. Read on to learn how to write a successful bug submission. If you have any feedback, please tweet us at @Bugcrowd.  

Read More
Researcher Resources

The Importance of Notes & Session Tracking - Bug Bounty Hunter Methodology

Posted by Sam Houston on Feb 14, 2017 1:10:13 PM

This is the third post in our series: "Bug Bounty Hunter Methodology". Today's is a guest post from ZephrFish, whom you can follow on twitter at @ZephrFish. Read on to learn how to use notes and session tracking to make your bug bounty hunting more successful.  If you have any feedback, please tweet us at @Bugcrowd. 

 

Read More
Researcher Resources

The Importance of Scope - Bug Bounty Hunter Methodology

Posted by Sam Houston on Feb 8, 2017 8:30:00 AM

This is the second post in our new series: "Bug Bounty Hunter Methodology". Today we explore bounty scopes, disclosure terms & rules, and how those guide you in your hacking. If you have any feedback, please tweet us at @Bugcrowd. 

Read More
Researcher Resources

Getting Started - Bug Bounty Hunter Methodology

Posted by Sam Houston on Feb 2, 2017 2:23:08 PM

 This is the first post in our new series: "Bug Bounty Hunter Methodology". Over the coming weeks, we will share information and resources that will help any aspiring security researcher or bug bounty hunter get their start. If you have any feedback, please tweet us at @Bugcrowd.

Read More
Researcher Resources

Thick Client Promotion: Final Winners & Program Extension

Posted by Chloe Brown on Jan 16, 2017 9:56:48 AM

Throughout October, November and December 2016, we challenged our crowd to submit bugs against some challenging targets–thick client applications. Previously we announced our October and November winners and today we’re excited to announce our two final two winners:

Read More
Researcher Resources

December 2016 Hall of Fame!

Posted by Kaila Pollart on Jan 4, 2017 2:26:16 PM

Bugcrowd is excited to announce our December 2016 Hall of Fame winners! 

Read More
Researcher Resources