Bugcrowd vulnerability bounty platform snags $30 million in fresh funding round

The Series D round capitalizes on enterprise booking growth of 100%.
Written by Charlie Osborne, Contributing Writer

Bugcrowd has secured $30 million in a Series D funding round launched on the back of strong business growth. 

On Thursday, the vulnerability disclosure platform said the investment round was led by Rally Ventures and will help the company accelerate its growth, of which there has been a 100% increase in bookings across the US enterprise market.

Total funding is now over $80 million. Previous investors include Paladin Capital Group, Blackbird Ventures, Industry Ventures, and Hostplus. 

See also: HackerOne awards $20,000 bug bounty for private data access vulnerability on its own platform

The San Francisco-based organization's CEO, Ashish Gupta, said that as we begin to move towards a remote work culture -- a catalyst being the COVID-19 outbreak -- it is more important than ever that customers have an "instant return on investment by providing on-demand access to highly-skilled security researchers."

Other milestones over the past year for Bugcrowd include the firm's penetration business and a growth rate of 400%; expanded presence in Australia, Bangalore, Costa Rica, London, and Salt Lake City; and an improved signal-to-noise ratio which currently stands at 97%. 

CNET: ExpressVPN review: A VPN speed leader with a secure reputation

Netflix and Fitbit are among Bugcrowd's clients. 

In related news, the bug bounty platform has also announced a COVID-19 response package that provides free 90-day vulnerability disclosure programs to emergency response teams, hospitals, and other care provider organizations working to combat the pandemic. 

TechRepublic: Fraud prevention startup working on anonymous peer-to-peer verification network

Bug bounty platforms, in which independent researchers can hunt for vulnerabilities and responsibly disclose them directly to vendors in return for credit and/or cash rewards, have become a popular method for companies to improve their security posture without maintaining large in-house security teams. 

In 2019, for example, Google's Vulnerability Reward Programs (VRP) awarded researchers a record $6.5 million, roughly double that was paid out the previous year.

The biggest Internet of Things, smart home hacks of 2019

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

Editorial standards