Bugcrowd Explained
Bugcrowd |
Type: | Private |
Industry: | Cybersecurity |
Founded: | 2012 |
Founders: | Casey Ellis, Chris Raethke, Sergei Belokamen |
Hq Location: | San Francisco, California and Australia |
Bugcrowd is a crowdsourced security platform.[1] [2] [3] It was founded in 2012, and in 2019 it was one of the largest bug bounty and vulnerability disclosure companies on the internet.[4] Bugcrowd runs bug bounty programs and also offers a range of penetration testing services it refers to as "Penetration Testing as a Service" (PTaaS), as well as attack surface management.[5] [6] [7]
History
Bugcrowd was founded in Sydney, Australia in 2012., its main headquarters is in San Francisco, with other offices in Sydney and London.[8]
In May 2024, Bugcrowd acquired attack surface management company, Informer.[9]
Funding
Bugcrowd has raised a total of $78.7 million in funding over 6 rounds. Their seed funding started in 2013 to increase their 3000 vetted security testers. This seed funding was primarily led by Rally Ventures and they were able to raise $1.6 million.[10]
Series A funding round took place in 2015 and was led by Costanoa Ventures, raising $6 million.[11]
Blackbird Ventures led funding for their Series B round with $15 million raised in April 2016.[12] [13]
In March 2018, it secured $26 million in a Series C funding round led by Triangle Peak Partners.[14]
Bugcrowd announced Series D funding in April 2020 of $30 million led by previous investor Rally Ventures.[15] [16]
Clients
, Bugcrowd worked with 65 industries across 29 countries. Their clients have included Tesla, Atlassian, Fitbit, Square, Mastercard, Amazon and eBay.[17]
Bugcrowd's first partner in the financial industry was Western Union, in 2015. Originally a private, invite-only program, it was later opened to the public, with rewards varying between $100 and $5000 depending on the bug.[18] In 2020, Bugcrowd helped National Australia Bank become one of the first banks in Australia to launch a bug bounty.[19]
Samsung has also worked with Bugcrowd, rewarding a total of over $2 million in rewards to those who found bugs in Samsung's security.[20]
Job platform Seek has been using Bugcrowd since 2019 with the highest reward from their bug bounty program being $10,000.[21] [22]
In 2020, ExpressVPN worked with Bugcrowd, awarding $100 to $2500 depending on the severity of the vulnerabilities that were found, with 21 critical findings identified.[23]
Bugcrowd also runs programs for the U.S. DOD, the Air Force and DDS.[24] [25]
Other projects
In 2018, Bugcrowd and CipherLaw's Open Source Vulnerability Disclosure Framework, together with the #LegalBugBounty project, created the open-source project disclose.io, which aims to create an open-source standard for bug bounties and vulnerability disclosures to help hackers and organizations work together to make the Internet safer.[26] [27]
The company also runs Bugcrowd University, which provides educational resources to help the public learn how to code, find bugs in security systems and patch them.[28] [29]
External links
Notes and References
- Web site: Hackers Receive $500,000 in One Week via Bugcrowd. SecurityWeek.Com. 11 November 2019 . March 22, 2020. March 22, 2020. https://web.archive.org/web/20200322102118/https://www.securityweek.com/hackers-receive-500000-one-week-bugcrowd. live.
- News: HackerOne connects hackers with companies and hopes for a win-win.. June 7, 2015. The New York Times. October 28, 2015. June 11, 2015. https://web.archive.org/web/20150611094620/http://www.nytimes.com/2015/06/08/technology/hackerone-connects-hackers-with-companies-and-hopes-for-a-win-win.html?_r=0. live.
- Web site: Here's the Netflix account compromise Bugcrowd doesn't want you to know about. Ars Technica. March 22, 2020. March 22, 2020. https://web.archive.org/web/20200322102108/https://arstechnica.com/information-technology/2020/03/bugcrowd-tries-to-muzzle-hacker-who-found-netflix-account-compromise-weakness/. live.
- Web site: TechCrunch is now a part of Verizon Media. techcrunch.com. 31 May 2019 . March 22, 2020. March 28, 2020. https://web.archive.org/web/20200328043725/https://techcrunch.com/2019/05/31/bugcrowd-crowdsourcing-cybersecurity/. live.
- Web site: Top 5 Bug Bounty Platforms to Watch in 2021. 8 February 2021. thehackernews.com. https://web.archive.org/web/20210707100914/https://thehackernews.com/2021/02/top-5-bug-bounty-programs-to-watch-in.html. 7 July 2021. en.
- Web site: Penetration Testing as a Service . Bugcrowd . 17 October 2023.
- Web site: Attack Surface Management . Bugcrowd . 17 October 2023.
- Web site: Aussie cyber security bounty hunter Bugcrowd has big plans after $33m round. 5 March 2018. Michael Bailey. afr.com. Australian Financial Review. 2021-07-07. https://web.archive.org/web/20210707100103/https://www.afr.com/technology/aussie-cyber-security-bounty-hunter-bugcrowd-has-big-plans-after-33m-round-20180302-h0wxtr. 7 July 2021. en.
- Web site: Lunden . Ingrid . May 23, 2024 . Bugcrowd, the crowdsourced white-hat hacker platform, acquires Informer to ramp up its security chops . Techcrunch.
- Web site: Bugcrowd Raises $1.6 Million To Expand Bug Bounty Marketplace. 4 September 2013. techcrunch.com. TechCrunch. 2021-07-07. en. Mahesh Sharma. https://web.archive.org/web/20210707113327/https://techcrunch.com/2013/09/04/bugcrowd-raises-1-6-million-to-expand-bug-bounty-marketplace/. 7 July 2021.
- Web site: Bugcrowd Raises $6 Million In Series A Funding To Further Accelerate Enterprise Adoption Of Crowdsourced Security. 12 March 2015. prnewswire.com. PR Newswire. en. 2021-07-07. https://web.archive.org/web/20210707112427/https://www.prnewswire.com/news-releases/bugcrowd-raises-6-million-in-series-a-funding-to-further-accelerate-enterprise-adoption-of-crowdsourced-security-300049528.html. 7 July 2021.
- Web site: Bugcrowd raises cash because of the power of the people. 20 April 2016. en. Ben Kepes. networkworld.com. Network World. 2021-07-07. https://web.archive.org/web/20210707102519/https://www.networkworld.com/article/3057271/bugcrowd-raises-cash-because-of-the-power-of-the-people.html. 7 July 2021.
- Web site: Amid bug bounty appeal, Bugcrowd raises Series B. 20 April 2016. sfgate.com. San Francisco Chronicle. en. 2021-07-07. Sean Sposito. https://web.archive.org/web/20210707103350/https://www.sfgate.com/business/article/Amid-bug-bounty-appeal-BugCrowd-raises-Series-B-7266430.php. 7 July 2021.
- Web site: Bugcrowd Raises $26 Million to Expand Vulnerability Hunting Business. SecurityWeek.Com. March 2018 . March 22, 2020. March 22, 2020. https://web.archive.org/web/20200322102117/https://www.securityweek.com/bugcrowd-raises-26-million-expand-vulnerability-hunting-business. live.
- Web site: Bugcrowd raises $30M in Series D to expand its bug bounty platform. 2021-01-09. TechCrunch. 9 April 2020 . en-US.
- Web site: Bugcrowd raises $30M in Series D to expand its bug bounty platform. Zack Whittaker. 9 April 2020. techcrunch.com. TechCrunch. 2021-07-07. en. https://web.archive.org/web/20210707101930/https://techcrunch.com/2020/04/09/bugcrowd-series-d/?guccounter=1. 7 July 2021.
- Web site: Bugcrowd raises $26 million in latest funding round. 1 March 2018. Zaid Shoorbajee. cyberscoop.com. 2021-07-07. en. https://web.archive.org/web/20210707114423/https://www.cyberscoop.com/bugcrowd-series-c-funding/. 7 July 2021.
- Web site: Bugcrowd Enters Financial Sector, Announces Managed Bug Bounty Program for Western Union. 11 March 2015. prnewswire.com. PR Newswire. 2021-07-07. en. https://web.archive.org/web/20210707120710/https://www.prnewswire.com/news-releases/bugcrowd-enters-financial-sector-announces-managed-bug-bounty-program-for-western-union-300048497.html. 7 July 2021.
- Web site: NAB LAUNCHES CYBER BUG BOUNTY PROGRAM. 25 September 2020. news.nab.com.au. National Australia Bank. 2021-07-07. en. https://web.archive.org/web/20210707121401/https://news.nab.com.au/news_room_posts/nab-launches-cyber-bug-bounty-program/. 7 July 2021.
- Web site: Bugcrowd's Crowdsourced Cybersecurity Platform Helps Pay Over $2M to Researchers for Samsung Mobile Rewards Program. 17 November 2020. darkreading.com. 2021-07-07. en. https://web.archive.org/web/20201202002827/https://www.darkreading.com/mobile/bugcrowds-crowdsourced-cybersecurity-platform-helps-pay-over-$2m-to-researchers-for-samsung-mobile-rewards-program/d/d-id/1339480. 2 December 2020.
- Web site: Get involved with SEEK's $10K Bug Bounty Program. 29 January 2019. medium.com. 2021-07-07. en. Julian Berton. https://web.archive.org/web/20210707124227/https://medium.com/seek-blog/get-involved-with-seeks-10k-bug-bounty-program-20933b310dca. 7 July 2021.
- Web site: Reporting Security Vulnerabilities. seek.com.au. 2021-07-07. en.
- Web site: Calling all ethical VPN hackers: ExpressVPN launches new-look bug bounty program. 16 July 2020. techradar.com. TechRadar. 2021-07-07. en. Joel Khalili. https://web.archive.org/web/20210707122759/https://www.techradar.com/news/calling-all-ethical-vpn-hackers-expressvpn-launches-new-look-bug-bounty-program. 7 July 2021.
- Web site: DOD Invests $34 Million in Hack the Pentagon Expansion. 24 October 2018. Aaron Boyd. nextgov.com. 2021-07-07. en. https://web.archive.org/web/20201126130209/https://www.nextgov.com/cybersecurity/2018/10/dod-invests-34-million-hack-pentagon-expansion/152267/. 26 November 2020.
- Web site: Leading innovation in the US Air Forces. businesschief.com. Lauren Knausenberger. 21 May 2020 . https://web.archive.org/web/20210707125618/https://businesschief.com/interviews/lauren-knausenberger-leading-innovation-in-the-us-air-force. 7 July 2021.
- Web site: Gallagher . Sean . New open source effort: Legal code to make reporting security bugs safer . Ars Technica . 17 October 2023 . en-us . 2 August 2018.
- Web site: Haworth . Jessica . Open source Disclose.io framework bridges legal gap in bug reporting . The Daily Swig . PortSwigger Web Security . 17 October 2023 . en . 14 August 2018.
- Web site: Top 10 cybersecurity online courses for 2021. techtarget.com. TechTarget. 2021-07-07. en. https://web.archive.org/web/20210707123538/https://searchsecurity.techtarget.com/tip/Top-10-cybersecurity-online-courses. 7 July 2021.
- Web site: Bugcrowd University Opens Its Doors to the Crowd . Bugcrowd . 17 October 2023 . 8 August 2018.