Bugcrowd
Follow
149 Followers
Follow Bugcrowd on their other social channels!
About Us
Founded:
2012
Company Size:
51-200 employees
Company Type:
Private
Location:
San Francisco
Website:
Managed crowdsourced security programs for companies of all sizes, with a community of over 44,000 security researchers & white-hat hackers.
Read more
Promoted Content
State of Bug Bounty
Follow
61
Submission Data Updates
In the course of doing data validation in the final quarter of 2017, Bugcrowd engineers identified areas where submission data was not correctly updating. Because we value transparency, we have outlined the resolved changes below:
Follow
108
Announcing our ISO 27001 Certification
We hit a big milestone for Bugcrowd today. We are excited to announce we're ISO 27001 certified!
Follow
79
Today We Recognize Our 2017 MVP Researchers!
2017 was a fantastic year of growth for our researcher community and program owners alike, with 32% more submissions rewarded, a 25% increase to the average reward and 61% more total rewarded submissions! In 2017, 145 Researchers qualified into MVP status, and earned close to 44% of our 2017 total payouts, with a rewarded submission total of over $3 million!
Follow
65
Why Ethics Matter in Bug Bounties
In 2017 we saw more data breaches, phishing scams, ransomware, state-sponsored attacks than ever before. And while each one was damaging in their own right and continue to shape cybersecurity, one breach in particular stood out: the Uber breach. Not necessarily for the impact or the type of breach, but for what happened afterwards.
Follow
Setting the Bar High for Bug Bounty Triage and Validation
Running a bug bounty program on your own is difficult. Imagine receiving hundreds of vulnerability submissions weekly, many of them unimportant, and many of them duplicates of known vulnerabilities. Once you weed through those submissions, you'll have to respond if needed, prioritize impact, and determine what it's worth. Then you'll have to file a ticket to make sure it gets fixed and the most fun part of all, pay the researcher, which as you can imagine, may get tricky.
Follow
68
NIST: Vulnerability Disclosure as a Requirement for Every Organization
Earlier this month, the National Institute of Standard and Technology’s (NIST) cybersecurity framework released a revision (1.1, Draft 2) of its Framework for Improving Critical Infrastructure Cybersecurity. The new release now includes vulnerability disclosure processes as part of the Framework Core (on page 43).
Follow
67
Why more government agencies should run Bug Bounties and VDP
If you’re reading this article, statistically speaking your organization might be getting hacked. Data breaches of U.S. government networks, once novel, have become pervasive over the past year. Take it from the Office of Personnel Management (OPM) or the IRS – no one is safe anymore. In private sector, the Equifax hack and Intel’s processor vulnerabilities have hit mainstream media by storm. The question needs to be asked: are we doing enough to protect ou ...
Follow
75
Bugcrowd: The next frontier of cybersecurity
My career has taken me on an incredible journey. From being a commissioned officer in the Navy and serving in Operations Enduring and Iraqi Freedom, to Apple to the Pentagon, I’ve spent the better part of my life following and homing in on my passion. That’s what brings me here, to Bugcrowd.
Follow
77
2018 Predictions: It Takes a Crowd
At the end of 2017 we asked our researcher community what changes they predicted for the bug bounty space in the year to come.
Follow
Spectre & Meltdown: Quick Fact Sheet
Several recently-published research articles have demonstrated a new class of timing attacks (Meltdown and Spectre) that work on modern CPUs. Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and ARM. For a few Intel and AMD CPU models, Google’s Project Zero has provided exploits that work against real software.
Follow
Highlights of our recent webinar \'2017 Predictions: 3 Experts Give Discuss Security Challenges for the Coming Year \' https://blog.bugcrowd.com/2017-security-expert-predictions

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

Cybrary|0P3N

HoneyBOT
Views: 373 / April 21, 2018
Protect Your PC from Attack in 4 Steps
Views: 371 / April 21, 2018
Advanced PDS: OST to PST Converter Solution
Views: 225 / April 21, 2018
XFS File System – RHEL7
Views: 957 / April 20, 2018
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel