Increase in Vulnerability Submissions: Bugcrowd’s Public Sector Leads the Way

In 2023, crowdsourced vulnerability disclosure and bug bounty platform Bugcrowd saw a 151% increase in reports related to government and public sector organisations!
By Alex Scroxton, Security Editor
Published: 25 Jan 2024 12:47
Multi-solution crowdsourced cyber security platform Bugcrowd says it saw growing acceptance and adoption of crowdsourced security strategies among mainstream end-user organisations in 2023, as ethical hackers continue to prove their value to in-house security teams over and over again.
The organisation this week published its latest annual Inside the platform report, in which it claimed that, over the past 12 months, its open scope, crowdsourced approach to vulnerability rewards programmes (VRPs), aka bug bounty programmes, found 10 times more critical issues than more traditional approaches. In 2023, it found that customers in the government and public sector verticals were the most eager to take up crowdsourced ethical hacking as an option, with a 151% increase in overall vulnerability submissions, and a 56% increase in critical flaws. Submissions relating to the retail sector were up 34%, the corporate services sector 20%, and the computer software sector 12%. Overall, Bugcrowd’s ethical hacking community recorded a 30% increase in web vulnerability submissions, an 18% increase in application programming interface (API) vulnerability submissions, a 21% increase in Android vulnerability submissions, and a 17% increase in iOS vulnerability submissions. All data represents a year-on-year comparison to 2022.

“As an industry, we’re truly on the precipice of so many changes, and the goal of this report is to arm security leaders and practitioners alike with the necessary trend information, data, and expert predictions to prepare for these changes,” wrote Bugcrowd CISO Nick McKenzie in the report’s preamble. “Leveraging vulnerability data from the last 12 months, this report offers critical context, insights, and opportunities for security leaders looking for new information to bolster their risk profiles.”

Outlining some of the key trends highlighted in Bugcrowd’s latest report, McKenzie continued: “Throughout the research process, I wasn’t surprised to find that vulnerabilities are still on the rise. When you combine an overall increase in rapid digitisation – including new technologies that businesses are adding into business processes like generative AI – with more products boasting many new features, it’s inevitable that you end up with an exponential increase in bugs. Another insight from the report that I found especially telling is an increase in the trend toward favoring public crowdsourced security programs over private programs.


Who pays the most?

For ethical hackers who may be wondering if it is possible to make a living from pen testing alone, the Bugcrowd report also contains fresh data on the scale of the payouts its community received in 2023. …