Bugcrowd sees 30 percent increase in web vulnerability submissions

No Comments

Crowdsourced security platform Bugcrowd’s latest Vulnerability Trends Report finds that the hacker community recorded a 30 percent increase in web vulnerability submissions on the platform compared to 2022.

In addition it has recorded an 18 percent increase in API submissions, a 21 percent increase in Android submissions, and a 17 percent increase in iOS submissions.

The government sector experienced the fastest growth for crowdsourced security last year, witnessing a 151 percent increase in vulnerability submissions and a 58 percent increase in Priority 1 (P1) rewards for finding critical vulnerabilities. The financial services industry and government sector offered the highest median payouts for P1 vulnerability submissions. Additionally, the most successful programs were those that offered higher rewards (e.g., $10,000 or more for P1 vulnerabilities). Programs with open scopes received 10x more P1 vulnerabilities than those with limited scopes.

"This report offers critical context, insights, and opportunities for security leaders looking for new information to bolster their risk profiles," says Nick McKenzie, chief information security officer of Bugcrowd. "Looking ahead, we can use insights from this report in conjunction with other key learnings to predict what is coming next."

In the past year, enterprises have increasingly favored public crowdsourced programs over private ones, while programs with open scopes received 10X more P1 vulnerabilities than those with limited scopes. A scope is the defined set of targets listed by an organization as assets to be tested. An open scope bug bounty program imposes no limitations on what hackers can or cannot test in terms of assets that belong to the organization.

The report also examines how different hacker roles contribute to crowdsourced security, and how crowdsourced security platforms can provide powerful warning systems to uncover vulnerabilities. You can read more and get the full report on the Bugcrowd blog.

Photo Credit: andriano.cz/Shutterstock

No Comments

Comments are closed.

Got News? Contact Us

Recent Headlines

Ubuntu Linux 24.10 is named 'Oracular Oriole'

How threat intelligence can improve vulnerability management outcomes

Ubuntu Linux-based Voyager 24.04 LTS unites GNOME and Xfce

Kioxia unveils TransMemory U304 USB flash drive

Microsoft and Estée Lauder transform the beauty industry with AI

Microsoft and IBM open source MS-DOS 4.00

Software file converters: How they work and why you need them

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

62 Comments

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

22 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

21 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

18 Comments

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

18 Comments

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

17 Comments

EndeavourOS ARM discontinued: A huge loss for the Linux community

9 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.