Bugcrowd Reduces the Cost and Effort of Unifying Vulnerability Data Across Systems
Latest release simplifies integration of Crowdcontrol™ with enterprise security infrastructure
SAN FRANCISCO – February 7, 2017—Bugcrowd, the leader in crowdsourced security testing, today announced the general availability of the latest release to its Crowdcontrol™ platform. Today’s update simplifies and reduces the cost of integrating vulnerability data into enterprise security infrastructure. Through the new Application Program Interface (API) customers can now seamlessly pass information to and from vulnerability management systems, bug tracking systems, and SIEMs.
“The new Bugcrowd platform capabilities will reduce the time Magento’s software developers spend synchronizing vulnerability data across our infrastructure,” said John Steer, chief of product security, Magento. “The new API capabilities will allow us to have a more unified picture of our security status and reduce our costs.”
Bugcrowd’s latest release also streamlines how organizations manage their bug bounty programs with the ability to define specific roles and improves the data available to program owners to meet reporting needs.
Key features of today’s release include:
- New Application Programming Interface (API): Bugcrowd’s customizable API delivers a whole new set of features designed to empower customers, streamline processes and provide the flexibility to integrate directly with the Crowdcontrol management platform. Program information can now be passed seamlessly between customer security systems and Bugcrowd, while granting security personnel the ability to perform complex tasks such as bug queries, submission adds, and data synchronization without logging into the console.
- More Detailed Reporting for On-Demand Programs: Bugcrowd On-Demand programs are private engagements designed to replace costly penetration tests and are regularly used for testing of new products or major releases. Enhanced reporting provides detailed insights into the performance of On-Demand bug bounty programs.
- Additional Program Roles: With program roles, companies now have the power to assign access to programs within their organization based on job role. This feature provides the ability for organizations to scale their programs.
“This release further simplifies integration of Bugcrowd into our customers’ security and testing environments,” said Jonathan Cran, vice president of product, Bugcrowd. “By making it even easier to pass information between Bugcrowd and internal systems, onboard security infrastructure and build better workflows, today’s release is focused squarely on helping customers get the most out of their bug bounty program. We’re passionate about delivering high-quality security testing powered by the crowd, and this release makes it simpler than ever.”
From technology companies like Pinterest and Fitbit, to financial institutions like Western Union and automotive companies like Fiat Chrysler of America, world-class organizations turn to Bugcrowd to manage their bug bounty programs. For more information on Bugcrowd's customer programs, visit: https://bugcrowd.com/customers. For a list of public programs, visit: https://bugcrowd.com/programs.
The pioneer and innovator in crowdsourced security testing for the enterprise, Bugcrowd harnesses the power of more than 45,000 security researchers to surface critical software vulnerabilities and level the playing field in cybersecurity. Bugcrowd also provides a range of responsible disclosure and managed service options that allow companies to commission a customized security testing program that fits their specific requirements. Bugcrowd's proprietary vulnerability disclosure platform is deployed by Tesla Motors, Fiat-Chrysler, The Western Union Company, Pinterest, Barracuda Networks and Jet.com. Based in San Francisco, Bugcrowd is backed by Blackbird Ventures, Costanoa Ventures, Industry Ventures, Paladin Capital Group, Rally Ventures and Salesforce Ventures. Bugcrowd is a trademark of Bugcrowd, Inc. Learn more at www.bugcrowd.com.