Listing Thumbnail

    Crowdsourced Security Platform for Pen Testing, Bug Bounty, and More

     Info
    Sold by: Bugcrowd 
    Bugcrowd unleashes the ingenuity of the global hacker community for consolidated pen testing, bug bounty, vulnerability intake, and attack surface management needs - for any risk reduction/compliance goal, scope, asset, and environment, and backed by extensive trust engineering. And all with SaaS scale and efficiency and one-to-many integration with existing DevSec processes. Bugcrowd has 10+ years of experience and 100s of customers in every industry, including OpenAI, National Australia Bank, Indeed, USAA, Twilio, and the US Department of Homeland Security.
    Listing Thumbnail

    Crowdsourced Security Platform for Pen Testing, Bug Bounty, and More

     Info
    Sold by: Bugcrowd 

    Overview

    Our multi-solution platform delivers (in any combination):

    Penetration Testing as a Service The Bugcrowd Platform's modern Pen Testing as a Service (PTaaS) suite delivers fast, high-impact results for both compliance and risk reduction. Launch pen tests against any target within days with a pentester team designed for your needs, view prioritized findings and test progress 24/7 in a rich dashboard, and flow issues into your DevSec workflows for remediation. (Pricing for Standard Pen Tests is shown below; for pentesting non-Webapp/network assets, contact us about a Plus Pen Test.)

    Managed Bug Bounty Bugcrowd's platform-powered Managed Bug Bounty brings the right security researchers (the Crowd) into your workflows at the right time to find hidden flaws in your attack surface. The Bugcrowd Platform augments the bug bounty value proposition with ML-driven crowd matching (CrowdMatchTM), engineered triage, and data-driven insights derived from a decade of experience across 1000s of customer experiences. (Contact us for pricing.)

    Managed VDPs A vulnerability disclosure program (VDP) sets the rules of engagement for the public to submit vulnerability reports about public-facing assets and then coordinates how they're handled internally. Running on the Bugcrowd Platform (and selected by CISA as the VDP solution of record for US Federal civilian agencies), our managed VDPs provide intake channels, validation and triage, researcher relations, integration with your SDLC, and reporting. (Pricing for Basic VDP plans is shown below; contact us if you need more scale.)

    Attack Surface Management Bugcrowd revolutionizes attack surface management (ASM) by blending the ingenuity of the Crowd, technology, and data to help you uncover hidden or forgotten assets (Asset Inventory), then assign and prioritize risk to them by engaging with a curated security researcher team skilled in recon (Asset Risk). (Contact us for pricing.)

    Pricing for Standard Pen Tests and Basic VDP plans are shown in Pricing Information below. For pricing of other products, questions, or private offers, please contact us at partners@bugcrowd.com .

    Highlights

    • Right crowd, right time: Our platform uses data and ML to source and activate the right hackers/researchers for your needs across 100s of dimensions, who continuously discover hidden valid and critical vulnerabilities before attackers can exploit them
    • Engineered triage: The Bugcrowd Platform treats triage as a core competency, rapidly removing noise and adding context for prioritization-handling critical vulns within a single day, on average
    • Rich analytics, reports, and recommendations: We've collected millions of data points about vulnerabilities, assets, and hacker skill set over a decade of experience to develop a deep Security Knowledge Graph that drives analytics, insights, recommendations, and ML models for continuous improvement

    Details

    Sold by

    Delivery method

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Crowdsourced Security Platform for Pen Testing, Bug Bounty, and More

     Info
    Pricing is based on contract duration. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.

    12-month contract (8)

     Info
    Dimension
    Description
    Cost/12 months
    VDP Basic 15
    Managed vulnerability disclosure program covering first 15 submissions
    $3,588.00
    VDP Basic 75
    Managed vulnerability disclosure program covering first 75 submissions
    $11,988.00
    Web App Pen Test Size S
    For external web app - 2 auth user roles + 10 pieces of functionality
    $4,200.00
    Web App Pen Test Size M
    For external web app - 2 auth user roles + 20 pieces of functionality
    $7,000.00
    Web App Pen Test Size L
    For external web app - 2 auth user roles + 30 pieces of functionality
    $14,000.00
    Network Pen Test Size S
    For external network - covers up to 50 active IPs
    $4,200.00
    Network Pen Test Size M
    For external network - covers up to 100 active IPs
    $7,000.00
    Network Pen Test Size L
    For external network - covers up to 256 active IPs
    $14,000.00

    Vendor refund policy

    All fees are non-cancellable and non-refundable except as required by law.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    Our support team operates 9AM-5PM PT, Monday-Friday. All requests for support should be sent through the Bugcrowd Support ticketing portal. https://bugcrowd-support.freshdesk.com  or support@bugcrowd.com 

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Similar products

    Customer reviews

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 AWS reviews
    |
    46 external reviews
    External reviews are sourced from G2  and are not included in the star rating for this product.
    Kheman G.

    Review for G2 bugcrowd

    Reviewed on Aug 23, 2024
    Review provided by G2
    What do you like best about the product?
    It's it security architecture that I have studied especially the big bounty program
    What do you dislike about the product?
    They can have more such incentives and add more bounties that can help people and companies grow
    What problems is the product solving and how is that benefiting you?
    It can help me in catching bugs
    Consulting

    Using bugcrowd for security research and bug hunting.

    Reviewed on Aug 21, 2024
    Review provided by G2
    What do you like best about the product?
    The triage response and also the platform itself.
    What do you dislike about the product?
    I have seen no downsides about using bugcrowd.
    What problems is the product solving and how is that benefiting you?
    Finding vulnerabilities using the crowdsourced ethical hackers.
    Jitmanyu S.

    Collaborative Crowdsourcing for Enhanced Cybersecurity

    Reviewed on Aug 19, 2024
    Review provided by G2
    What do you like best about the product?
    What I appreciate most about Bugcrowd is its collaborative approach to cybersecurity. The platform brings together a diverse community of ethical hackers and security professionals, empowering them to contribute to real-world security challenges. This collective intelligence not only enhances the security posture of organizations but also creates a dynamic environment where continuous learning and skill development are encouraged. Additionally, Bugcrowd's focus on transparency, fairness in rewards, and providing a platform for both experienced and novice hackers to contribute makes it a unique and impactful leader in the field of crowdsourced security.
    What do you dislike about the product?
    One area of improvement for Bugcrowd could be enhancing the communication and feedback loop between researchers and program owners. At times, the response times or clarity of feedback can be inconsistent, which may lead to frustration for researchers who are seeking more timely or detailed guidance on their submissions.
    What problems is the product solving and how is that benefiting you?
    Bugcrowd addresses the challenge of identifying and mitigating security vulnerabilities by leveraging a global network of skilled ethical hackers. This crowdsourced approach allows organizations to detect and resolve security issues more efficiently than traditional methods. For me, it provides access to diverse security expertise, ensuring a more comprehensive and robust security posture, ultimately reducing the risk of breaches and enhancing overall system resilience.
    roger k.

    Bugcrowd is a great security partner

    Reviewed on Jan 31, 2024
    Review provided by G2
    What do you like best about the product?
    The Bugcrowd team and community is fantastic. I highly recommend using Bugcrowd for bug bounty, vulnerability disclosure and pen testing programs.
    What do you dislike about the product?
    I have no notes. I love the service and the system that's built around it.
    What problems is the product solving and how is that benefiting you?
    Bugcrowd has delivered a managed bug bounty and vulnerability disclosure program that has been maintainable with the help of the Bugcrowd team.
    Entertainment

    Excellent customer support with well thought-out bounty programs.

    Reviewed on Jan 30, 2024
    Review provided by G2
    What do you like best about the product?
    Attack validation and prioritization. Customer support is excellent. The platform is easy to use and provides a number of features that make it easy to integrate with Slack, JIRA, and other platforms.
    What do you dislike about the product?
    The workflow, especially the names of each stage, was not intuitive and required some coaching.
    What problems is the product solving and how is that benefiting you?
    Bugcrowd platform enabled us to expose multiple platforms/solutions to many ethical hackers to gain a fresh perspective on our security posture and identify issues that we have missed with internal security testing, SAST, and DAST tooling. In a short period, they managed to detect issues that went by unnoticed even by the external penetration testing and we are now in a much better shape.
    View all reviews