Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Smooth and Effective Bug Bounty/Pentest Program
What do you like best about the product?
The depth of knowledge and professionalism demonstrated by Bugcrowd security experts significantly contributed to the success of our security initiatives. The insights provided were invaluable and The support and guidance received was very effective.
Additionally, the seamless integration and implementation process made it easy to manage our bug bounty and pentest programs. The platform's user-friendly interface and robust features allowed us to efficiently manage the entire process, from scoping to remediation.
Additionally, the seamless integration and implementation process made it easy to manage our bug bounty and pentest programs. The platform's user-friendly interface and robust features allowed us to efficiently manage the entire process, from scoping to remediation.
What do you dislike about the product?
Nothing. Our experience with Bugcrowd has been entirely positive, and we have no concerns or dislikes to report
What problems is the product solving and how is that benefiting you?
Efficient Bug Bounty Programs:
- Leave a Comment |
- Mark review as helpful
A great partner for growing a security program
What do you like best about the product?
Their account team helped us grow our discoosure program over time into something that we aim to evolve even further into an eventual Bug Bounty program. They help identify and engage the right researchers to get disclosures, without creating duplicate submissions via their triage team.
The account team are flexible and generous in their pricing in order to foster a good partnership, and to remain our vendor of choice for the long term.
The account team are flexible and generous in their pricing in order to foster a good partnership, and to remain our vendor of choice for the long term.
What do you dislike about the product?
Their integrations are somewhat difficult to set up for things like Jira, and could do with an overhaul to the more modern toolchain service in Jira.
Initial engagement on our program was very slow, and required a lot of convincing of product owners to move to a public program without much evidence of eengagement beforehand.
Initial engagement on our program was very slow, and required a lot of convincing of product owners to move to a public program without much evidence of eengagement beforehand.
What problems is the product solving and how is that benefiting you?
Initially our organisation received bug disclosures via our public facing customer service inbox. This lead to a lot of confusion within our customer service team as to what to do about these disclosures. Often these disclosures were also low quality, and often the output of an automated script that targets high-traffic web applications for bugs and a contact email, prospecting us for a financial reward with little to no remediation advice or proof of exploit.
Bugcrowd provides a layer of filtration away from these submissions, their traige team ensure that we do not see low quality or repeat findings, thanks to their knowledge of previous disclosures that we already were dealing with before onboarding them. They put an onus on researchers to provide remediation advice, evidence to support their disclosures and discretion when submitting bugs.
The platform itself also allows us to integrate crowd based testing into our productivity processes, via Jira tickets that are created for findings, that are programatically added to the correct queue and status for prioritisation by agile delivery managers in development teams. Their slack integration also allows for a natural conversation to occur within our organisation whenever a new finding is submitted, keeping both the development and security teams talking about application security.
Bugcrowd provides a layer of filtration away from these submissions, their traige team ensure that we do not see low quality or repeat findings, thanks to their knowledge of previous disclosures that we already were dealing with before onboarding them. They put an onus on researchers to provide remediation advice, evidence to support their disclosures and discretion when submitting bugs.
The platform itself also allows us to integrate crowd based testing into our productivity processes, via Jira tickets that are created for findings, that are programatically added to the correct queue and status for prioritisation by agile delivery managers in development teams. Their slack integration also allows for a natural conversation to occur within our organisation whenever a new finding is submitted, keeping both the development and security teams talking about application security.
A great platform for hosting bug bounty program
What do you like best about the product?
Strong technical team.
Ease of Use.
Customer Support.
Ease of Use.
Customer Support.
What do you dislike about the product?
UI and search options could be better.
Customizations on reports could be better.
Customizations on reports could be better.
What problems is the product solving and how is that benefiting you?
Hosting Bug Bounty program.
BugCrowd has enhanced our vulnerability management and bug finding
What do you like best about the product?
The quality of submissions from the researchers are good. Additionally,since the submissions are triaged by the BugCrowd technical teams first, it increases the quality of submissions we receive.
What do you dislike about the product?
The bugcrowd user interface for reviewing submissions can be improved. For example, I would like to sort the reports by those that have received a new comment.
What problems is the product solving and how is that benefiting you?
BugCrowd helps us test our products from the perspective of a third-party individual in order to identify posible security and general bugs.
Working together with Bugcrowd has greatly enhanced our abilities in vulnerability management.
What do you like best about the product?
We are running a bug bounty program with Bugcrowd. It turns out that the technical team triaging incoming submissions is very skilled and helps a lot in efficiently identify and track vulnerabilities in our products so that we can patch them. It is really a pleasure to work with the Bugcrowd team, we have really established a direct, uncomplicated and simple way of working together. It is just fun!
What do you dislike about the product?
Really nothing comes to our mind that we dislike about the service that we have been receiving from Bugcrowd.
What problems is the product solving and how is that benefiting you?
Bugcrowd gives us the opportunity to engage with security researchers around the world that are willing to find vulnerabilities in our products. Not only are we benefitting from it when patching vulnerabilities, we also learn a lot by working together with security researchers and can improve our security development lifecycle.
New to the program, nothing but positive things to say
What do you like best about the product?
Learning about the findings and how to recreate them. The team does a great job laying out the steps it takes to recreate what the researchers find if we have any difficulty. Our account reps are also great to work with. Very knowledgable, quick to respond, great guidance.
What do you dislike about the product?
The web UI could use some work. I wish there was more space to look at the actual findings. A lot of the UI space when looking at the findings "To review" is being taken up by the Dashboard black bar on top (which is mostly blank space). If they moved the Summary, Submissions, Researchers,...etc. bar to the black bar on top, it would give a little more room to analyze the Steps to Recreate and any images attached. Thats the part I need the most. Everything above that can be condensed or made into a navigation bar that only shows when you hover your mouse to a side or implement a drop down bar option or something like that.
What problems is the product solving and how is that benefiting you?
I am not sure what this question is asking. What industry problems? What internal company problems? What Bugcrowd as a company problems they are trying to improve on? I dont know. What I do know is that the platform gives us a great view into what people outside of our company are seeing in the real world that allows us access to another perspective into our security posture and how we can improve.
Excellent commitment to maximizing program success
What do you like best about the product?
The customer support team goes above and beyond to ensure our bug bounty program is successfully implemented and has a high efficiency and satisfaction rate with researchers, allowing them to hunt for bugs on our platform and strengthen our overall security posture. The system also integrated well with our ticketing platform allowing for seamless distribution of issues to the tech teams to address bugs. The platform is easy to use and intuitive and does not require a steep learning curve to administer. Our rep, Ronelle Green has been a joy to work with as well,
What do you dislike about the product?
Lack of a real time communication platform when attempting to address issues. Communcations are performed via email or messages from the internal platform which can often take time to be seen and addressed.
What problems is the product solving and how is that benefiting you?
BugCrowd helps us identify bugs and logic issues in our products that our testing teams may have missed as part of their testing process. It allows us to strengthen our overall security posture and deliver a robust product to our customers to ensure their information is safeguarded.
Bugcrowd Delivers Top-Notch Security Solutions for Robust Vulnerability Management
What do you like best about the product?
As a client been consistently impressed by the caliber of security submissions and the overall effectiveness of the Bugcrowd community.
A key strength lies in Bugcrowd's capacity to assemble a diverse and highly proficient group of ethical hackers and security experts.
The impressive feature is the submission process is a standout feature, characterized by its streamlined and efficient nature.
The platform's user-friendly interface further enhances this experience, enabling transparent communication, smooth collaboration, and constructive feedback throughout the entirety of the security testing process.
A key strength lies in Bugcrowd's capacity to assemble a diverse and highly proficient group of ethical hackers and security experts.
The impressive feature is the submission process is a standout feature, characterized by its streamlined and efficient nature.
The platform's user-friendly interface further enhances this experience, enabling transparent communication, smooth collaboration, and constructive feedback throughout the entirety of the security testing process.
What do you dislike about the product?
The payment rule, when a submission hasn't been reviewed by the client for a certain period, is a point of concern. The client may still be in the process of reviewing, and the issue might not be critical for them. Unfortunately, There are few times when Bugcrowd missess to intervene or prompt the client to take action; instead, it automatically processes payment.
On the flip side, it's noteworthy that Bugcrowd does ensure researchers get paid, demonstrating a commitment to compensating their community promptly. However, striking a balance between ensuring timely payments for researchers and allowing clients sufficient time to assess submissions might be an area for improvement in Bugcrowd's process.
On the flip side, it's noteworthy that Bugcrowd does ensure researchers get paid, demonstrating a commitment to compensating their community promptly. However, striking a balance between ensuring timely payments for researchers and allowing clients sufficient time to assess submissions might be an area for improvement in Bugcrowd's process.
What problems is the product solving and how is that benefiting you?
Identifying vulnerabilites in the applications.
Offering support for remediation efforts.
Platform's community consisting skilled ethcical hackers provide diverse perspectives.
Offering support for remediation efforts.
Platform's community consisting skilled ethcical hackers provide diverse perspectives.
Bugcrowd - Great partner for Bug Bounty Program.
What do you like best about the product?
The Bugcrowd team and platform make it very easy to review and reward submissions from researchers.
What do you dislike about the product?
The pricing structure is a bit confusing.
What problems is the product solving and how is that benefiting you?
Bugcrowd has a great pool of researchers that we wouldn't be able to find on our own. Their platform and triage team make it easy for our internal team to validate exploits quickly.
Five Years of Growth and Success with Bugcrowd: A Researcher's Journey
What do you like best about the product?
there are some to list:
Community Engagement: It offers a supportive community that encourages collaboration and knowledge sharing in the security area.
Diverse Opportunities: The platform provides a wide range of bug bounty projects, making suitable for various skill levels, allowing for continuous growth and challenges.
Professional Support: The dedicated team at Bugcrowd provides timely and helpful support, it's the best part for me as I had always my questions solved in really fast time and with excellent communication.
Learning Resources and Researchers Incentivation: There are constant development of valuable educational resources, such as tutorials, webinars with researchers, and forums, for skill development.
Community Engagement: It offers a supportive community that encourages collaboration and knowledge sharing in the security area.
Diverse Opportunities: The platform provides a wide range of bug bounty projects, making suitable for various skill levels, allowing for continuous growth and challenges.
Professional Support: The dedicated team at Bugcrowd provides timely and helpful support, it's the best part for me as I had always my questions solved in really fast time and with excellent communication.
Learning Resources and Researchers Incentivation: There are constant development of valuable educational resources, such as tutorials, webinars with researchers, and forums, for skill development.
What do you dislike about the product?
Limited Filtering in the platform UI: The filter system is good but does not provide all the filtering options necessary for a propper search on all account's programs.
Varying Bounty Times for critical and high issues: While Bugcrowd generally offers professional support regarding this, there are some programs with very limited communication and I think support could incentivize them to award p1/p2 valid triaged issues or at least ping them weekly to receive a response back. There are even cases where the vulnerability is fixed and there's no response from the team in 02 months, which sometimes can be frustating.
Varying Bounty Times for critical and high issues: While Bugcrowd generally offers professional support regarding this, there are some programs with very limited communication and I think support could incentivize them to award p1/p2 valid triaged issues or at least ping them weekly to receive a response back. There are even cases where the vulnerability is fixed and there's no response from the team in 02 months, which sometimes can be frustating.
What problems is the product solving and how is that benefiting you?
Recognition and Rewards: Bugcrowd's fair and transparent reward system has consistently acknowledged my efforts, making my journey financially rewarding.
Community and Collaboration: The collaboration within the community have provided me with valuable insights and connections that have enriched my professional life.
Flexible Environment: The ability to choose projects and work from anywhere has allowed me to align my work with my personal life, giving me the best of both worlds.
Community and Collaboration: The collaboration within the community have provided me with valuable insights and connections that have enriched my professional life.
Flexible Environment: The ability to choose projects and work from anywhere has allowed me to align my work with my personal life, giving me the best of both worlds.
showing 11 - 20