Bugcrowd snaps up $102M for a ‘bug bounty’ security platform that taps 500K+ hackers


Share post:

Bugcrowd — the startup that taps into a database of half a million hackers to help organizations like OpenAI and the U.S. government set up and run bug bounty programs, cash rewards to freelancers who can identify bugs and vulnerabilities in their code — has picked up a big cash award of its own to grow its business further: an equity round of $102 million.

General Catalyst is leading the investment, with previous backers Rally Ventures and Costanoa Ventures also participating.

Bugcrowd has raised over $180 million to date, and while valuation is not being disclosed, CEO Dave Gerry said in an interview it is “significantly up” on its last round back in 2020, a $30 million Series D. As a point of comparison, one of the startup’s bigger competitors, HackerOne, was last valued at $829 million in 2022, according to PitchBook data.

The plan will be to use the funding to expand operations in the U.S. and beyond, including potentially M&A, and to build more functionality into its platform, which — in addition to bug bounty programs — also offers services including penetration testing and attack surface management, as well as training to hackers to increase their skiilsets.

That functionality is both of a technical but also human nature.

Gerry jokingly describes Bugcrowd’s premise as “a dating service for people who break computers” but in more formal terms, it is built around a two-sided security marketplace: Bugcrowd crowdsources coders, who apply to join the platform by demonstrating their skills. The coders might be hackers who only work on freelance projects, or people who work elsewhere and pick up extra freelance work in their spare time. Bugcrowd then matches these coders up, based on those particular skills, with bounty programs that are in the works among clients. Those clients, meanwhile, range from other technology companies through to any enterprise or organization whose operations rely on tech to work.

In doing all this, Bugcrowd has been tapping into a couple of important trends in the technology industry.

Organizations continue to build more technology to operate, and that means more apps, more automations, more integrations and much more data is moving around from clouds to on-premises servers, from internal users out to customers, and more. All of that means more opportunities for mistakes, or bugs, in the code — places where an integration may create a security vulnerability, for example; or simply result in a piece of coding no longer working as it should — and a greater need for comprehensive work to identify those gaps.

Recent years have seen a profusion of new security tools, powered by AI, that aim to identify and remediate those gaps in a more comprehensive and automated way. But that still has not replaced the role of human hackers. Those hackers might work in a more manual way, or they might use automation tools to help them in their bug-hunting efforts, but will still have a critical role to play in how that tech might be directed. As computer science continues to see a rise in popularity as a discipline, that’s produced a wider number of smart and technical people in the world who like to rise to that challenge, if not for the intellectual pursuit for the financial one. The most successful bug bounty hunters can make millions of dollars.

Gerry said that the startup’s been growing at over 40% annually and is approaching $100 million in annual revenues.

The startup is now mainly headquartered out of San Francisco, after being originally founded in Australia by Casey Ellis, Chris Raethke and Sergei Belokamen (Ellis is still with the company as chief strategy officer. It now has “well over” 500,000 hackers and is adding around 50,000 hackers annually to that number, Gerry said, and now has some 1,000 customers after adding 200 clients in the last year.

“Costanoa has watched Bugcrowd grow from an innovative concept for early adopters to being a force multiplier for Fortune 500 companies today,” said Jim Wilson, Partner at Costanoa Ventures, in a statement. “Bugcrowd’s leadership team brings together seasoned experts with a deep understanding of cybersecurity trends and a proven ability to navigate the complexities of the industry. This next stage of growth under Dave’s leadership will allow them to expand their product offerings to help security executives get even more value from the crowd. We are excited to continue our partnership with the team to capture the significant opportunities ahead.”

Source link

Lisa Holden
Lisa Holden
Lisa Holden is a news writer for LinkDaddy News. She writes health, sport, tech, and more. Some of her favorite topics include the latest trends in fitness and wellness, the best ways to use technology to improve your life, and the latest developments in medical research.

Recent posts

Related articles

Anthropic claims its new models beat GPT-4

AI startup Anthropic, backed by hundreds of millions in venture capital (and perhaps soon hundreds of millions...

Airbnb has a new label to denote its top (and worst) listings

Airbnb already has labels like “Guest favorites” and “Superhost” to indicate the quality of a property or...

Apple plans to appeal European Commission’s massive antitrust fine favoring Spotify

Apple says it plans to appeal the historic €1.84 billion fine issued today by the European Commission...

TikTok launches data portability API ahead of Europe’s DMA regulatory deadline

TikTok is introducing a data portability API to help it comply with new European regulations designed to...

Apple announces new 13-inch and 15-inch MacBook Air models with M3 chip

Apple announced new MacBook Air models with 13-inch and 15-inch screen sizes with M3 Chip. The 13-inch...

Apple fined $1.84BN in EU over anti-steering on iOS music streaming market

The European Union has fined Apple €1.84 billion for breaching antitrust rules in the market for music...

When your cap table makes your startup uninvestable

The CEO of a Norwegian hardware startup shared a pitch deck with me that had an unusual...

Indonesia fintech Wagely makes bank while helping the unbanked

Wagely, a fintech out of Indonesia, made a name for itself with earned wage access: a way...