Overview
Our multi-solution platform delivers (in any combination):
Penetration Testing as a Service The Bugcrowd Platform's modern Pen Testing as a Service (PTaaS) suite delivers fast, high-impact results for both compliance and risk reduction. Launch pen tests against any target within days with a pentester team designed for your needs, view prioritized findings and test progress 24/7 in a rich dashboard, and flow issues into your DevSec workflows for remediation. (Pricing for Standard Pen Tests is shown below; for pentesting non-Webapp/network assets, contact us about a Plus Pen Test.)
Managed Bug Bounty Bugcrowd's platform-powered Managed Bug Bounty brings the right security researchers (the Crowd) into your workflows at the right time to find hidden flaws in your attack surface. The Bugcrowd Platform augments the bug bounty value proposition with ML-driven crowd matching (CrowdMatchTM), engineered triage, and data-driven insights derived from a decade of experience across 1000s of customer experiences. (Contact us for pricing.)
Managed VDPs A vulnerability disclosure program (VDP) sets the rules of engagement for the public to submit vulnerability reports about public-facing assets and then coordinates how they're handled internally. Running on the Bugcrowd Platform (and selected by CISA as the VDP solution of record for US Federal civilian agencies), our managed VDPs provide intake channels, validation and triage, researcher relations, integration with your SDLC, and reporting. (Pricing for Basic VDP plans is shown below; contact us if you need more scale.)
Attack Surface Management Bugcrowd revolutionizes attack surface management (ASM) by blending the ingenuity of the Crowd, technology, and data to help you uncover hidden or forgotten assets (Asset Inventory), then assign and prioritize risk to them by engaging with a curated security researcher team skilled in recon (Asset Risk). (Contact us for pricing.)
Pricing for Standard Pen Tests and Basic VDP plans are shown in Pricing Information below. For pricing of other products, questions, or private offers, please contact us at partners@bugcrowd.com .
Highlights
- Right crowd, right time: Our platform uses data and ML to source and activate the right hackers/researchers for your needs across 100s of dimensions, who continuously discover hidden valid and critical vulnerabilities before attackers can exploit them
- Engineered triage: The Bugcrowd Platform treats triage as a core competency, rapidly removing noise and adding context for prioritization-handling critical vulns within a single day, on average
- Rich analytics, reports, and recommendations: We've collected millions of data points about vulnerabilities, assets, and hacker skill set over a decade of experience to develop a deep Security Knowledge Graph that drives analytics, insights, recommendations, and ML models for continuous improvement
Details
Features and programs
Financing for AWS Marketplace purchases
Pricing
Dimension | Description | Cost/12 months |
---|---|---|
VDP Basic 15 | Managed vulnerability disclosure program covering first 15 submissions | $3,588.00 |
VDP Basic 75 | Managed vulnerability disclosure program covering first 75 submissions | $11,988.00 |
Web App Pen Test Size S | For external web app - 2 auth user roles + 10 pieces of functionality | $4,200.00 |
Web App Pen Test Size M | For external web app - 2 auth user roles + 20 pieces of functionality | $7,000.00 |
Web App Pen Test Size L | For external web app - 2 auth user roles + 30 pieces of functionality | $14,000.00 |
Network Pen Test Size S | For external network - covers up to 50 active IPs | $4,200.00 |
Network Pen Test Size M | For external network - covers up to 100 active IPs | $7,000.00 |
Network Pen Test Size L | For external network - covers up to 256 active IPs | $14,000.00 |
Vendor refund policy
All fees are non-cancellable and non-refundable except as required by law.
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
Our support team operates 9AM-5PM PT, Monday-Friday. All requests for support should be sent through the Bugcrowd Support ticketing portal. https://bugcrowd-support.freshdesk.com or support@bugcrowd.com
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.