Resources

Browse our collected videos, guides, reports and demos to learn more about Bugcrowd and crowdsourced security.


Subscribe to Updates
2016 State of Bug Bounty Report
Download

2016 State of Bug Bounty Report

Bugcrowd's second annual report shows the current state of the bug bounty ecosystem, with data from organizations running bug bounty programs and security researchers participating in them.

Read more about it →
  • Grace Hopper Has a Posse

    At Bugcrowd we love Grace Hopper, the original bug hunter. Learn more about her legacy and how to donate to her foundation. 

  • Webinar

    5 Critical Security Issues for 2017 (And How to Address Them)

    Over the past twelve months we’ve witnessed a shift in how companies are tackling their application security challenges. Join a CISO, an AppSec guru, and IoT security expert to hear industry leading perspectives on the trends that have emerged over the past year, and what to look forward to in the next. 

  • Guide

    7 Bug Bounty Myths, Busted

    From confusion about how bug bounties work to questioning their effectiveness (and everything in between) we dug into our data investigate the 7 Biggest Bug Bounty Myths.

  • Guide

    Inside the Mind of a Hacker

    In this report we highlight a few specific bug hunters in the global Bugcrowd community, examine different motivations of different types of bug hunters and provide 'action items' for program owners to tap into different segments of researchers.

  • Webinar

    Monthly 'Big Bugs' Podcast

    Our monthly podcast hosted by Jason Haddix, Dr. of Technical Operations at Bugcrowd, analyzes some juicy bugs we've seen and how to defend against them. Subscribe now to get monthly episodes. 

  • Guide

    Anatomy of a Bounty Brief

    In this guide, you'll learn what makes for a good bounty brief and a successful program, as well as how researchers and program owners can align their respective expectations and avoid ambiguity and miscommunication. 

  • Guide

    Meet Crowdcontrol

    Bugcrowd's platform, Crowdcontrol, connects your security teams and applications to thousands of trusted hackers around the world.

  • Webinar

    Writing Vulnerability Reports that Maximize Your Bounty Payouts

    Kymberlee Price discusses several critical steps to writing great vulnerability submissions that will speed up issue triage for the incident response team receiving reports (and result in higher bounty payouts). Examples of common mistakes will be reviewed with real submissions received by Bugcrowd.

  • Download

    2016 State of Bug Bounty Report

    Bugcrowd's second annual report shows the current state of the bug bounty ecosystem, with data from organizations running bug bounty programs and security researchers participating in them.

  • Guide

    Bugcrowd's Vulnerability Rating Taxonomy

    The VRT is a resource outlining Bugcrowd’s baseline priority rating, including certain edge cases, for vulnerabilities that we see often. Last updated March 2016. 

  • Guide

    Welcome to Bugcrowd

    Bugcrowd puts an army of thousands of the world's top security researchers on your side. With specialized skills in web and mobile applications, just like yours, they even the odds and find bugs in your code before the bad guys do.

  • Webinar

    How to Shot Web by Jason Haddix

    Originally given at DEFCON 23, Jason Haddix explores successful tactics and tools used by himself and the best bug hunters. Practical methodologies, tools and tips that make you better at hacking websites and mobile apps to claim those bug bounties. 

  • Webinar

    How the Crowd Outperforms Traditional Security Testing

    State of the art security programs have been turning to bug bounties to leverage a vast array of skill-sets and knowledge for years. Organizations like Google, Facebook and Mozilla utilize crowdsourced security testing with great results, and now smaller companies are following suit, oftentimes using intermediaries like Bugcrowd to manage their own programs. 

  • Infographic

    Bug Bounties, Visualized

    Learn about the security job gap, and how Bugcrowd helps close that gap with crowdsourced security programs.

  • Learn More About Our Customers

    We have the pleasure every day of working with some of the most innovative companies in the world. By listening and iterating on feedback from them, we’re working hard to develop industry changing products and services. See what our customers have to say.