Home / Companies / Bugcrowd / Blog / June 2019

June 2019 Summaries

7 posts from Bugcrowd

Filter
Month: Year:
Post Summaries Back to Blog
The Gartner Security and Risk Management Summit was attended by Bugcrowd, where Nicole Malachowski shared three key advice sessions on trust, vulnerability, and risk-based approach to security. Trust was emphasized as crucial for effective collaboration between security and development teams, with suggestions including adapting security testing tools to the developer's mindset and formalizing a "security champion" role within engineering teams. Vulnerability management was also discussed, highlighting the importance of creating a culture that embraces vulnerability and filtering narratives to break down common language barriers. A risk-based approach was advised, focusing on targeted imminent threat elimination and prioritization, with tools such as managed crowdsourced security programs like Bugcrowd helping organizations augment their security posture.
Jun 26, 2019 873 words in the original blog post.
The hacker community is increasingly collaborating on bug bounty submissions, with nearly 85% of security researchers either already collaborating or looking to collaborate in the future. Bugcrowd has launched a new feature called Researcher Collaboration, which enables multiple researchers to work together, split rewards and points, and submit vulnerability reports via the Crowdcontrol platform. This collaboration aims to leverage the ingenuity of researchers to achieve improved results, promote learning and camaraderie, and benefit from shared access to submissions and reward splits. The new feature is now available on all Bugcrowd public and bug bash programs, and researchers can visit the documentation page for more information on how it works.
Jun 17, 2019 398 words in the original blog post.
Bugcrowd is excited to participate in several high-profile conferences and events this year, including BSides Las Vegas, Black Hat, and DEF CON 27, where attendees can expect custom swag, presentations, panel discussions, car hacking and recon activities, a LevelUp party sponsored by Bugcrowd, and other interactive experiences. The company will have a booth at BSides and a dedicated booth at Black Hat, as well as a hospitality suite at Planet Hollywood and sponsorship of the Queercon Pool Party and DEF CON's Car Hacking Village. Bugcrowd is also hosting an arcade event with classic video games and a 16-player foosball table.
Jun 17, 2019 580 words in the original blog post.
The Bugcrowd LevelUp series aims to provide resources and opportunities for researchers to develop new skills in bug hunting, with the help of the community. The event featured eight presentations on various topics such as web hacking tools, mobile security, group hacking, and car hacking, all of which are now available on YouTube and Bugcrowd University. The event highlighted the importance of collaboration and community building, with presenters sharing their experiences and knowledge to help others advance in their careers. The series will continue next fall with LevelUp 0x05, providing more opportunities for researchers to learn and grow.
Jun 11, 2019 665 words in the original blog post.
The company Bigbank is launching its new Vulnerability Disclosure Program with Bugcrowd, which enables the organization to scale its crowdsourced security approach and streamline the process for intaking vulnerability submissions. The program aims to encourage security researchers to report potential vulnerabilities in a coordinated manner, providing a more consistent and unified stream of information. By partnering with Bugcrowd, Bigbank can filter out false positives and duplicates, and utilize the submitted data to identify systemic issues that may not have been discovered otherwise. The program is designed to mimic a "neighborhood watch" for an organization's internet assets, fostering a positive relationship between security researchers and the company. This approach has allowed Bigbank to improve its cybersecurity efforts and expand its vulnerability disclosure program with Bugcrowd.
Jun 10, 2019 296 words in the original blog post.
We are excited to announce our May 2019 Hall of Fame winners, rubyroobs taking first place with 840 points, todayisnew coming in second with 611 points, and Mikee rounding out third with 470 points. We awarded bonuses ranging from $1,000 for third place to $3,000 for first place to recognize outstanding contributions. The company appreciates all its top performers and encourages others to submit high-severity bugs to earn kudos points, with the most critical bugs earning the highest rewards. Huge thanks were extended to all contributors, looking forward to June's Hall of Fame results.
Jun 05, 2019 153 words in the original blog post.
This June, Bugcrowd is celebrating Diversity and Equality as part of Pride Month, raising awareness about the challenges faced by the LGBTQ community and promoting diversity and equality within their own team and with their community of security researchers and customers. The company values diversity beyond just gender or skin color, looking at an individual's full background, motivations, and experiences to bring unique perspectives to their work. Bugcrowd is working with the SF AIDS Foundation to support a local nonprofit organization that aims to eliminate HIV transmission and extend the lifespan of those living with HIV through various programs and services. To encourage participation in Pride Month, Bugcrowd is offering exclusive swag to donors who contribute at least $40 to the fundraiser, with higher donation amounts unlocking additional rewards. The company hopes to make a real difference in community health and support for thousands through their efforts.
Jun 01, 2019 366 words in the original blog post.