SECURITY
SECURITY
SECURITY
Solving the problem of inefficient enterprise penetration testing
With business-critical resources more vulnerable than ever, there’s been an equal rise in the popularity of penetration testing.
However, given the pen-testing industry’s current pitfalls, Bugcrowd Inc. has responded by taking the entire process online.
“Our customers can now go to our website and purchase, configure and deploy a pen test with only a few clicks,” said Casey Ellis (pictured, right), founder, chairman and chief technology officer of Bugcrowd.”In our view, this starts to democratize access to pen testing. It’s one of those things where the pen testers aren’t the problem; it’s the actual process and how it’s done that is the problem. It’s been so inefficient, and there hasn’t really been a reason to change it until now.”
Ellis and Dave Gerry (left), chief executive officer of Bugcrowd, spoke with theCUBE industry analyst John Furrier at the RSA Conference, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed value-added cybersecurity innovations in areas such as pen testing. (* Disclosure below.)
Leveraging latent talent for fast and accurate results
Bugcrowd’s crowdsourced model filters hackers according to skillset and matches those with end users given their existing environment. This ensures fluidity in the pipeline, with tests deployable in a matter of hours, according to Gerry.
“Pen testers don’t want to be bogged down on scoping; they want to ultimately go out and perform a test,” he said. “When customers join with us, we match them with the right pen tester based on the skillset of the tester and the customer’s environment. We can then deploy a test in a matter of hours, versus weeks or months in the previous models.”
While the idea of bug bounties has existed for a while, putting a platform “in the middle to connect demand with supply” is entirely a novel Bugcrowd idea, according to Ellis.
“It frustrates me every now and then to hear it referred to as a bug bounty platform/vertical because it’s not actually a bug bounty problem that we’re solving,” he said. “That’s just the most obvious expression of what we do as a platform and an engine.”
Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the RSA Conference:
(* Disclosure: Bugcrowd Inc. sponsored this segment of theCUBE. Neither Bugcrowd nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Photo: SiliconANGLE
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
