Bugcrowd Inc
Bugcrowd Inc
Key Info
Summary
Penetration TestingAbout
Bugcrowd is a crowdsourced security platform. Bugcrowd offers multiple products on its platform such as Vulnerability Disclosure, Bug bounty, Penetration testing as a service etc.
Bugcrowd PTaaS is a solution on the Bugcrowd Platform for doing methodology-driven penetration testing. A variety of targets, test durations, and testing models (pay-for-effort or pay-for-results) are available, in addition to support for options like internal targets, specialized pentester skill sets, and geolocation limitations. Prioritized findings, methodology checklist status, and the final report are available through a platform dashboard.
Read lessCybersecurity Focus
Accreditations
Pen Test – Basic
A vulnerability assessment designed to identify low-hanging fruit and vulnerabilities with publicly known exploits available within a relatively short timeframe. Ideal for companies with an immature security posture or newly built environments that will require penetration testing in the future.
Pen Test – Standard
A tightly scoped, time-boxed, methodology driven penetration test available for web applications, mobile apps, standalone APIs, and external network infrastructure. Offerings are in “t-shirt sizing”, designed for quick and simplistic accessibility. Ideal for repeat engagements or customers with experience in scoping pen tests and can work within the sizes.
Pen Test – Plus
A methodology driven, completely customizable penetration test available for web applications, mobile apps, standalone APIs, external and internal network infrastructure, and IoT devices. Can accommodate unique and bespoke scoping requirements and those tests that do not fit into the t-shirt sizing of the Standard offering.
Pen Test – Max
A pen test that utilises multiple researchers in both a methodology driven and bounty format, guaranteeing coverage of a scope while getting the broadest and deepest impact available by directing large pools of resources toward the effort. A hybrid of the two, the Max offering is most suited toward large scopes and ongoing programs. Once the methodology testing is complete, the program reverts to a Managed Bug Bounty until such time that another methodology, focused test is required, at which point it will ramp back up for the designated period.