SECURITY
SECURITY
SECURITY
Solving the problem of inefficient enterprise penetration testing
With business-critical resources more vulnerable than ever, there’s been an equal rise in the popularity of penetration testing.
However, given the pen-testing industry’s current pitfalls, Bugcrowd Inc. has responded by taking the entire process online.
“Our customers can now go to our website and purchase, configure and deploy a pen test with only a few clicks,” said Casey Ellis (pictured, right), founder, chairman and chief technology officer of Bugcrowd.”In our view, this starts to democratize access to pen testing. It’s one of those things where the pen testers aren’t the problem; it’s the actual process and how it’s done that is the problem. It’s been so inefficient, and there hasn’t really been a reason to change it until now.”
Ellis and Dave Gerry (left), chief executive officer of Bugcrowd, spoke with theCUBE industry analyst John Furrier at the RSA Conference, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed value-added cybersecurity innovations in areas such as pen testing. (* Disclosure below.)
Leveraging latent talent for fast and accurate results
Bugcrowd’s crowdsourced model filters hackers according to skillset and matches those with end users given their existing environment. This ensures fluidity in the pipeline, with tests deployable in a matter of hours, according to Gerry.
“Pen testers don’t want to be bogged down on scoping; they want to ultimately go out and perform a test,” he said. “When customers join with us, we match them with the right pen tester based on the skillset of the tester and the customer’s environment. We can then deploy a test in a matter of hours, versus weeks or months in the previous models.”
While the idea of bug bounties has existed for a while, putting a platform “in the middle to connect demand with supply” is entirely a novel Bugcrowd idea, according to Ellis.
“It frustrates me every now and then to hear it referred to as a bug bounty platform/vertical because it’s not actually a bug bounty problem that we’re solving,” he said. “That’s just the most obvious expression of what we do as a platform and an engine.”
Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the RSA Conference:
(* Disclosure: Bugcrowd Inc. sponsored this segment of theCUBE. Neither Bugcrowd nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Photo: SiliconANGLE
A message from John Furrier, co-founder of SiliconANGLE:
Support our open free content by sharing and engaging with our content and community.
Join theCUBE Alumni Trust Network
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
11.4k+
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
