Follow Bugcrowd on their other social channels!
About Us
Company Size:
51-200 employees
Company Type:
San Francisco
Managed crowdsourced security programs for companies of all sizes, with a community of over 44,000 security researchers & white-hat hackers.
Read more
Promoted Content
State of Bug Bounty
November 2017 Hall of Fame
Bugcrowd is pleased to recognize our November 2017 Hall of Fame winners!
The Personalities That Put the “Crowd” in Bugcrowd (Part 2 of 3)
Previously, in The Personalities that Put the “Crowd” in Bugcrowd (Part 1 of 3), I covered both the “Knowledge-Seeker” and “Hobbyist” personality types as part of the five distinct personalities that make up our crowd of over 65,000 security researchers. In order for companies to run successful bug bounty programs, it's important to understand researcher motivations - and to that end I will be covering the next two personality types in this post: th ...
Leveraging Policy and a Purpose-built Platform to Steer the Ship in SecOps
Crowdsourced security testing and vulnerability disclosure programs require the right combination of policy, resources, and support to be successful. Bugcrowd's leading platform and team bring years of experience facilitating success with whiteglove management of these programs. From the policy design, launch, and submission management our Operations team is a close partner of our talented researcher community and customers.
The Personalities That Put the “Crowd” in Bugcrowd (Part 1 of 3)
Last week, David Baker (Bugcrowd’s Chief Security Officer) released a blog post discussing why it's important to understand researcher motivations in order to run a successful bug bounty program. Furthermore - to enable current and future customers to get a better handle on what drives security researchers at Bugcrowd - we released the Inside the Mind of a Hacker (version 2.0) report covering a broad range of metrics around who the Crowd is comprised of; including data on age, l ...
MacOS High Sierra: Getting to the Root of the Problem
What we know so far Earlier today it was publicly disclosed that Apple’s MacOS High Sierra contains a trivially-exploitable flaw, which allows malicious individuals to generate a persistent root access account to your system. It is not readily apparent whether or not this vulnerability is remotely exploitable, but out an of abundance of caution there are several steps you can take immediately to protect your system.
The Uber breach: Extortion does not equal bug bounty
The bug bounty market is growing quickly. While an increasing number of organizations are embracing the concept, there still remains some confusion and ambiguity around paying hackers for vulnerabilities. Events like recently disclosed Uber breach illustrate this confusion. I’ll take this opportunity to clarify and define this rapidly evolving market.
Bugcrowd Introduces a New, Intuitive Submission Search Bar
We are excited to introduce new submission search and filtering capabilities to Crowdcontrol, built to optimize the time you spend finding submissions. Over the last three years, we have seen a steady rise in vulnerability submissions, with a 67% increase in submissions year over year and a 73% increase of valid submissions. What is driving this steady rise? Our recent “2017 State of the Bug Bounty Report” discusses bounty adoption growth, citing a 77% increase in new prog ...
How Understanding Researcher Motivations Can Help You Run a Successful Bug Bounty Program
Last week, we released our second annual Inside the Mind of a Hacker 2.0 report. We dove into different hacker profiles, their motivations for hacking, and the impact building a relationship makes on a successful bug bounty program. We found lots of interesting stats on our bug hunting community, both expected and surprising.
Inside the Mind of a Hacker 2.0
Last year, we launched the Inside the Mind of a Hacker report, sharing insights into the distinct profiles and stories, gathered from the Bugcrowd researcher community. Today we’re launching our second iteration on this, Inside the Mind of a Hacker 2.0, diving deeper into the collective power and intelligence the bug bounty community brings to the war on bugs. The stakes have never been greater, it seems. Breaches and attacks from independent actors or nation states have increa ...
How to Earn Your Way Onto a Private Bounty Program
We are consistently asked “How Do I Earn Private Program Invitations?”Hands down, this is our most commonly asked question from members of our Crowd, so we want to take this opportunity to reemphasize the most important information to keep an eye on if you’re looking to get invited to a private program. Since 2015, we have consistently used the following performance and activity markers (+ any required technical skills!) to choose our program participants. The criteria we cont ...
Highlights of our recent webinar \'2017 Predictions: 3 Experts Give Discuss Security Challenges for the Coming Year \' https://blog.bugcrowd.com/2017-security-expert-predictions

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge



DUHK: The Technique That Got the VPN Compromised
Views: 1899 / December 10, 2017
What is Docker? [Series]
Views: 2396 / December 9, 2017
Wanna-Cry Ransomware
Views: 2347 / December 9, 2017
The Abyssal Depth of the Deep Web
Views: 2298 / December 8, 2017
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?