Mais conteúdo relacionado Innovation Sandbox 2015: Bugcrowd2. © 2015 RSA Conference. All rights reserved.
The defender’s dilemma is real
2
• Hacked
• Stolen
credentials
• Hacked
• Vulnerable web
app
• Hacked
• Vulnerable web
app
• Hacked
• Leaked
credentials
• Hacked
• 80M Stolen SS
3. © 2015 RSA Conference. All rights reserved.
The Solution
• Large tech created bug bounties to level the playing field.
• Bugcrowd brings crowdsourced security to everyone else.
3
v1 v2
4. © 2015 RSA Conference. All rights reserved.
Crowdcontrol Platform
4
• The Crowdcontrol platform delivers enterprise grade
communication and control between your team and
security researchers
5. © 2015 RSA Conference. All rights reserved.
Does it work?
“Bugcrowd’s testers dig deeper in their testing
than any testing previously done (either vendor
provided or internally performed). ”
David Levin, Director of Information Security at Western Union
5
6. © 2015 RSA Conference. All rights reserved.
Researcher Adoption
6
33,128 Valid
Submissions
726 P3 or
Higher
Security
Vulns
211
Unknown
P1’s
$506,215.02
Paid Out
Top Payout:
$10,000
7. © 2015 RSA Conference. All rights reserved.
Enterprise Ready Bugcrowd
7
• One platform
• 16,000
researchers
• Three offeringsFlex Flex Continuous Traditional
Crowdcontrol Platform
8. © 2015 RSA Conference. All rights reserved.
Core Team
8
Casey Ellis
Founder and CEO
15+ years in infosec
Former CSO Scriptrock
Chris Raethke
Founder and CTO
Sold Rightcrowd to SAP
Former Army Engineer
Jonathan Cran
VP Operations
Built Metasploit QA
program
Former CTO Pwnie Express
Brooke Motta
VP Sales
Took Rapid7 from
$0 to $50M ARR
Chris Tilton
VP Marketing
17+ years in Infosec
Previously: WhiteHat,
Veracode, SPI Dynamics
9. © 2015 RSA Conference. All rights reserved.
These brands (and others) trust Bugcrowd
10. © 2015 RSA Conference. All rights reserved.
Questions?
@caseyjohnellis
https://bugcrowd.com
casey@bugcrowd.com
10