SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Bugcrowd can now launch penetration tests with a few clicks
Thu, 20th Apr 2023
FYI, this story is more than a year old

Bugcrowd, the multi-solution crowdsourced cybersecurity platform, has announced new capabilities in its Penetration Testing as a Service (PTaaS) offering that enables buyers to purchase, set up, and manage pen tests directly online without a need for lengthy sales calls and scoping sessions. PTaaS is one of several solutions delivered on the Bugcrowd Security Knowledge Platform.

Legacy pen test solutions are slow, non-transparent, and low impact. Other PTaaS providers often deliver shallow vulnerability assessments without offering access to pentester skill sets that many customers need.

Bugcrowd now enables customers to buy, set up, and launch a human-driven, high-impact pen test with a team matched to their precise needs with just a few clicks, cutting configuration time from days to hours.

Bugcrowd’s standard pen tests for external web apps and external networks are now available in three different sizes through this new self-service experience.

Bugcrowd offers the only platform-driven PTaaS through its Security Knowledge Platform, which includes a rich pen test dashboard for real-time access to test status, analytics, prioritized findings, and methodology progress. And, unlike other providers that take a cookie-cutter approach to sourcing pen testers, the Bugcrowd Platform's proprietary CrowdMatch technology uses machine learning to match precisely the right trusted testers to customer needs on demand based on a variety of parameters, such as skill sets, availability, and ability to deliver high-quality results.

“Bugcrowd is on a journey to transform pen tests from what are currently cumbersome consulting projects into agile, high-impact, highly engineered products that can be procured, scoped, and delivered ‘as a service’ through a multi-solution SaaS platform,” says Dave Gerry, chief executive officer of Bugcrowd. “With this announcement, we're democratizing security testing to empower organizations to quickly access the expertise of the crowd and transform the end-to-end experience for buyers and testers alike.”

“In today’s dynamic threat environment, you need to find hidden risks before attackers, and prioritize and remediate them fast. That’s where the Bugcrowd Security Knowledge Platform comes in, delivering unique advantages that dramatically fortify your security posture. It eliminates any ‘attacker advantage’ by precisely choosing the right trusted security researchers, then bringing them into your workflows to uncover hidden vulnerabilities. In addition, Bugcrowd’s validated, prioritized vulnerabilities and taxonomy let you know exactly which discoveries are most critical and what to remediate first,” adds Gerry.

The company also notes its security platform provides multiple solutions, including vulnerability disclosure, bug bounty, PTaaS, and attack surface management. 

“Our platform also provides deep, data-driven insights. With over a decade of learnings and 1000s of programs under our belt, you benefit from our proprietary information on attack vectors, vulnerabilities, assets, and remediation practices. Finally, our relationships with leading SDLC solutions and proven APIs let you flow program findings directly into your development and security processes and tools in real time,” he concludes.