46 Bugcrowd Reviews
Overall Review Sentiment for Bugcrowd
Log in to view review sentiment.
What I appreciate most about Bugcrowd is its collaborative approach to cybersecurity. The platform brings together a diverse community of ethical hackers and security professionals, empowering them to contribute to real-world security challenges. This collective intelligence not only enhances the security posture of organizations but also creates a dynamic environment where continuous learning and skill development are encouraged. Additionally, Bugcrowd's focus on transparency, fairness in rewards, and providing a platform for both experienced and novice hackers to contribute makes it a unique and impactful leader in the field of crowdsourced security. Review collected by and hosted on G2.com.
One area of improvement for Bugcrowd could be enhancing the communication and feedback loop between researchers and program owners. At times, the response times or clarity of feedback can be inconsistent, which may lead to frustration for researchers who are seeking more timely or detailed guidance on their submissions. Review collected by and hosted on G2.com.
Their account team helped us grow our discoosure program over time into something that we aim to evolve even further into an eventual Bug Bounty program. They help identify and engage the right researchers to get disclosures, without creating duplicate submissions via their triage team.
The account team are flexible and generous in their pricing in order to foster a good partnership, and to remain our vendor of choice for the long term. Review collected by and hosted on G2.com.
Their integrations are somewhat difficult to set up for things like Jira, and could do with an overhaul to the more modern toolchain service in Jira.
Initial engagement on our program was very slow, and required a lot of convincing of product owners to move to a public program without much evidence of eengagement beforehand. Review collected by and hosted on G2.com.
As a client been consistently impressed by the caliber of security submissions and the overall effectiveness of the Bugcrowd community.
A key strength lies in Bugcrowd's capacity to assemble a diverse and highly proficient group of ethical hackers and security experts.
The impressive feature is the submission process is a standout feature, characterized by its streamlined and efficient nature.
The platform's user-friendly interface further enhances this experience, enabling transparent communication, smooth collaboration, and constructive feedback throughout the entirety of the security testing process. Review collected by and hosted on G2.com.
The payment rule, when a submission hasn't been reviewed by the client for a certain period, is a point of concern. The client may still be in the process of reviewing, and the issue might not be critical for them. Unfortunately, There are few times when Bugcrowd missess to intervene or prompt the client to take action; instead, it automatically processes payment.
On the flip side, it's noteworthy that Bugcrowd does ensure researchers get paid, demonstrating a commitment to compensating their community promptly. However, striking a balance between ensuring timely payments for researchers and allowing clients sufficient time to assess submissions might be an area for improvement in Bugcrowd's process. Review collected by and hosted on G2.com.
We are running a bug bounty program with Bugcrowd. It turns out that the technical team triaging incoming submissions is very skilled and helps a lot in efficiently identify and track vulnerabilities in our products so that we can patch them. It is really a pleasure to work with the Bugcrowd team, we have really established a direct, uncomplicated and simple way of working together. It is just fun! Review collected by and hosted on G2.com.
Really nothing comes to our mind that we dislike about the service that we have been receiving from Bugcrowd. Review collected by and hosted on G2.com.
It's it security architecture that I have studied especially the big bounty program Review collected by and hosted on G2.com.
They can have more such incentives and add more bounties that can help people and companies grow Review collected by and hosted on G2.com.
The customer support team goes above and beyond to ensure our bug bounty program is successfully implemented and has a high efficiency and satisfaction rate with researchers, allowing them to hunt for bugs on our platform and strengthen our overall security posture. The system also integrated well with our ticketing platform allowing for seamless distribution of issues to the tech teams to address bugs. The platform is easy to use and intuitive and does not require a steep learning curve to administer. Our rep, Ronelle Green has been a joy to work with as well, Review collected by and hosted on G2.com.
Lack of a real time communication platform when attempting to address issues. Communcations are performed via email or messages from the internal platform which can often take time to be seen and addressed. Review collected by and hosted on G2.com.
Attack validation and prioritization. Customer support is excellent. The platform is easy to use and provides a number of features that make it easy to integrate with Slack, JIRA, and other platforms. Review collected by and hosted on G2.com.
The workflow, especially the names of each stage, was not intuitive and required some coaching. Review collected by and hosted on G2.com.
We use BugCrowd to run our bug bounty program. The researchers invited to our program have filed reports about a variety of security issues, and it's clear that some of them have really dug into our site's functionality, not just running automated scanners and skimming the surface. We've also been perfectly happy with our CSM and account manager, and BugCrowd's triagers are helpful in rejecting invalid reports. Review collected by and hosted on G2.com.
Not much negative to say. We do have a recurring issue with not automatically receiving invoices for some reason. Our account manager's always helpful and passes it along quickly when we reach out, but it's a little inconvenient (and odd) that we have to do that. Review collected by and hosted on G2.com.
Highly professional triage team. It was easy to integrate with our internal systems. Bugcrowd interface is easy to use. Review collected by and hosted on G2.com.
Nothing to say for now. No issues or concerns Review collected by and hosted on G2.com.
BugCrowd provides an easy to use interface which enables businesses to get their pen-test scope infront of security researchers in-line with thier current appeite/posture.
Wherther that be initially running with a smaller private program with a limited number of researchers, before expaning to larger public scopes.
Support is fantastic with the team always at the end of a slack message, mail or phone call.
Integration and imeplmentation are simple, allowing the customer to shape the pen-test scope. Review collected by and hosted on G2.com.
There is nothing for me to say here. Please keep up the great work BugCrowd! Review collected by and hosted on G2.com.
