Bugcrowd’s global Crowd of experienced pen testers and whitehat hackers help customers find 7x more critical vulnerabilities than traditional pen tests
SAN FRANCISCO – November 14, 2018 – Bugcrowd, the #1 crowdsourced security platform, today announced Bugcrowd Next Gen Pen Test, a new product with unique platform capabilities to meet organizations’ evolving security needs as attack surfaces grow at an accelerated pace. Bugcrowd helps organizations around the world level the cybersecurity playing field by cost effectively harnessing the creativity of a global Crowd of trusted pen testers and whitehat hackers to identify vulnerabilities before adversaries – something you can’t get through traditional security testing alone.
Organizations spend millions of dollars a year today on compulsory pen tests with minimal results and ROI. The traditional pen test model incentivizes pen test providers to apply limited resources resources, with limited depth of skills, on a limited schedule. According to a recent survey, nearly 60% of security leaders are highly dissatisfied with current penetration test efforts, with more than 70% reporting they do not believe their current penetration testing methodology uncovers high priority security vulnerabilities. In fact, according to Gartner’s June 2018 Emerging Technology Analysis: Bug Bounties and Crowdsourced Security Testing, pen testing “adds limited value in improving application security, and is out of step with DevSecOps-based approaches that rapidly iterate on applications.”
Bugcrowd Next Gen Pen Test is the only scalable model for sidestepping the operational handcuffs of traditional testing approaches. By leveraging a global Crowd of thousands of uniquely skilled and trusted pen testers, companies are able to rapidly build and incentivize the perfect team for every engagement – providing continuous testing, with less overhead, in less time, and with more predictable results. Bugcrowd Next Gen Pen Test goes a step above traditional pen testing to provide coverage assurance, comprehensive methodology and reporting, and deep integration into the software development lifecycle. Bugcrowd customers find more critical vulnerabilities with Next Gen Pen Test than traditional pen tests, dramatically improving their security posture.
“Planning a traditional penetration test is a painful process. There are a lot of hoops to jump through, not to mention, scoping is difficult and the methodology is strict,” said Richard Rushing, CISO, Motorola Mobility. “Bugcrowd Next Gen Pen Test leverages the crowdsourced security model to bring me 10x the security coverage needed for today’s application and the cost savings. You can’t beat it.”
“As I speak to CSOs around the world, they’re looking for better ways to protect their organizations than the traditional pen testing approaches that have not changed in more than 20 years – and have in fact failed to reduce overall security risk,” said Ashish Gupta, CEO, Bugcrowd. “The solution can only be addressed by a radical shift in pen test design, which lends itself exceptionally well to the crowdsourced security model. Bugcrowd Next Gen Pen Test brings together the needed variety of experience and technical specialization on an ongoing basis to handle the complexity of constantly changing attack surfaces companies will face in the coming years.”
Bugcrowd Next Gen Pen Test combines the continuity of 24/7/365 testing and the methodology and reporting needed to meet compliance and audit requirements. Included in Bugcrowd Next Gen Pen Test are unique platform capabilities, including:
- CrowdMatch™: Unparalleled knowledge of the behaviors, performance, and skills of a crowd of thousands of uniquely skilled pen testers to rapidly and dynamically build the perfect team for every engagement.
- BugHunter Methodology™: Proven approach to pen testing that brings together leading industry testing standards, such as OWASP Top 10, PCI, NIST, and others, with incremental tests from a hacker mindset to drive risk reduction and compliance.
- ResearcherDirect™: Direct researcher engagement and oversight to foster relationships and knowledge through a secure portal not available via traditional pen testing.
- Vulnerability Rating Taxonomy (VRT): A community-driven, open source guide provides quick ID of high priority vulnerabilities, reducing overhead.
To learn more about Bugcrowd Next Gen Pen Test, tune in to the upcoming webinar on Thursday, November 15, 2019 featuring Bugcrowd CSO, David Baker, and Vice President of Researcher Growth, Jason Haddix.
About Bugcrowd
Bugcrowd is the #1 crowdsourced security platform. More enterprise organizations trust Bugcrowd to manage their bug bounty, vulnerability disclosure, and next gen pen test programs. By combining the largest, most experienced triage team with the most trusted whitehat hackers around the world, Bugcrowd generates better results, reduces risk through remediation advice, and empowers organizations to release secure products to market faster — with no hidden fees. Based in San Francisco, Bugcrowd is backed by Blackbird Ventures, Costanoa Ventures, Industry Ventures, Paladin Capital Group, Rally Ventures, Salesforce Ventures and Triangle Peak Partners. Bugcrowd. Outhack Them AllTM. Learn more at www.bugcrowd.com.
