How Bugcrowd identifies critical software vulnerabilities

Founded in 2012, Bugcrowd is a provider of crowdsourced cybersecurity solutions purpose-built to secure the digitally connected world.

Bugcrowd offers a solution that orchestrates data, technology, and human intelligence to expose blind spots. Trusted by organisations across the globe, it uncovers and remediates vulnerabilities before they interrupt business by leveraging expert ingenuity and the knowledge of security researchers.

Based in San Francisco, Bugcrowd is backed by Blackbird Ventures, Costanoa Ventures, Industry Ventures, Paladin Capital Group, Rally Ventures, Salesforce Ventures and Triangle Peak Partners.

Protecting organisations with a variety of products 

The Bugcrowd Security Knowledge Platform enables businesses to do everything proactively possible to protect their organisation, reputation and customers with products like Bug Bounty, Penetration Testing-as-a-Service, and more. 

Recently the company has announced the availability of new features and functionality for its Bugcrowd Security Knowledge Platform that leverages the global ethical hacker community (the Crowd) for streamlined Penetration-Testing-as-a-Service (PTaaS), among other services. 

Customers can now benefit from faster time to launch and enhanced, real-time visibility into pen tester findings so that their organisations can deploy a proactive line of defence against adversaries. New Bugcrowd PTaaS features include a dashboard with customer visibility into the progress of methodology-based pen tests–providing a 360-degree, real-time view for pen testers, customers, and Bugcrowd Security Engineers.

Speed is critical when trying to reduce risk

Industry analysts predict the external penetration testing market will be worth US$4.5bn by 2025 in the US, driven by regulatory and compliance initiatives requiring all organisations to implement security best practices to mitigate cyberattacks. 

Those seeking services from traditional service providers face scheduling and delivery delays of up to three months, stalling sales cycles and product launches while prolonging exposure. The Bugcrowd Security Knowledge Platform has proven that connecting the right security researchers to the right use case coupled with a launch time of less than 72 hours can increase critical findings, while reducing risk and business overhead.

The machine learning capabilities of the platform’s CrowdMatchTM technology for automated, precise matching of researchers to customer needs have also been improved to yield at least a 60% increase invalid submissions.