Company
Date Published
Author
Casey Ellis
Word count
698
Language
English
Hacker News points
None

Summary

Bugcrowd, a platform offering bug bounty programs and public vulnerability disclosure, has been criticized for its initial recommendation of Non-Disclosure as the default policy in its product documentation. However, the company clarifies that it is actually pro-disclosure and supports both the Coordinated Vulnerability Disclosure (CVD) and Non-Disclosure models, with CVD being the default for public programs and Non-Disclosure being used for private programs or Next Generation Penetration Testing offerings. Bugcrowd aims to normalize vulnerability disclosure through its support of CVD, while also supporting NDAs to maximize the use cases for connecting whitehat hackers with cybersecurity problems. The company emphasizes the importance of context and transparency in vulnerability handling, acknowledging that the topic can be confusing without proper understanding.