Solving the problem of inefficient enterprise penetration testing
With business-critical resources more vulnerable than ever, there’s been an equal rise in the popularity of penetration testing.
However, given the pen-testing industry’s current pitfalls, Bugcrowd Inc. has responded by taking the entire process online.
“Our customers can now go to our website and purchase, configure and deploy a pen test with only a few clicks,” said Casey Ellis (pictured, right), founder, chairman and chief technology officer of Bugcrowd.”In our view, this starts to democratize access to pen testing. It’s one of those things where the pen testers aren’t the problem; it’s the actual process and how it’s done that is the problem. It’s been so inefficient, and there hasn’t really been a reason to change it until now.”
Ellis and Dave Gerry (left), chief executive officer of Bugcrowd, spoke with theCUBE industry analyst John Furrier at the RSA Conference, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed value-added cybersecurity innovations in areas such as pen testing. (* Disclosure below.)
Leveraging latent talent for fast and accurate results
Bugcrowd’s crowdsourced model filters hackers according to skillset and matches those with end users given their existing environment. This ensures fluidity in the pipeline, with tests deployable in a matter of hours, according to Gerry.
“Pen testers don’t want to be bogged down on scoping; they want to ultimately go out and perform a test,” he said. “When customers join with us, we match them with the right pen tester based on the skillset of the tester and the customer’s environment. We can then deploy a test in a matter of hours, versus weeks or months in the previous models.”
While the idea of bug bounties has existed for a while, putting a platform “in the middle to connect demand with supply” is entirely a novel Bugcrowd idea, according to Ellis.
“It frustrates me every now and then to hear it referred to as a bug bounty platform/vertical because it’s not actually a bug bounty problem that we’re solving,” he said. “That’s just the most obvious expression of what we do as a platform and an engine.”
Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the RSA Conference:
(* Disclosure: Bugcrowd Inc. sponsored this segment of theCUBE. Neither Bugcrowd nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Photo: SiliconANGLE
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU