Bugcrowd

Crowdsourced Security

Bugcrowd leverages a global community of white hat hackers to help customers surface and rapidly process critical vulnerabilities that may evade existing security testing processes. They are the only crowdsourced security testing platform that also helps customers actually improve broader security and development operations while reducing risk, for clear ROI across the board.


Why Crowdsourced Security?

Crowdsourced security is a powerful tool – used by leading-edge firms such as Google, Apple and Facebook – to decrease risk. However, crowdsourced security is not yet well understood across the enterprise security community. This brief will define crowdsourced security and describe why it’s a key element of any viable security architecture.

An interview with the founder, Casey Ellis, a former Vectra employee

How it works

Crowdsourced Security: A Human-Based Approach to Risk Reduction

DEFINE

Design your program

You define the attack surfaces you need to harden, for example web application front ends or a mobile application.

PUBLISH

Connect to The Crowd

Depending on the type of program, you either publish the program broadly to the researcher community, or engage a more limited set of researchers in a private “invite only” program.

TRIAGE

Find Vulnerabilities

As vulnerabilities are uncovered by the researchers, they are triaged to determine validity and severity.

REWARD

Incentivize Results

You pay a reward (or grant public “kudos”) to the researcher for finding the problem, patch the vulnerability, and verify that the attack vector has been closed.