Bugcrowd — Leverages a database of 500,000 hackers to help organizations like OpenAI and the U.S. government set up and run bug bounty programs that reward freelancers who can identify bugs and vulnerabilities in their code with cash rewards. Startups that offer — have made huge profits. A unique cash award to further grow your business: $102 million equity round.
General Catalys is leading the investment, with participation from previous backers Rally Ventures and Costanoa Ventures.
Bugcrowd has raised more than $180 million to date, with an undisclosed valuation, but CEO Dave Gerry said in an interview that the company raised more than $30 million in its previous Series D round in 2020. “There has been a significant increase,” he said. One of the startup's larger competitors, HackerOne, was last valued at $829 million in 2022, according to PitchBook data.
The plan is to use the funding to expand its operations in the U.S. and abroad, including potential M&A, and further develop the platform, which also offers services such as penetration testing and attack surface management, in addition to a bug bounty program. We plan to incorporate many features. We also provide training to improve hacker skill sets.
Its function is both technical and human.
Gerry jokingly describes Bugcrowd's premise as “a dating service for people who break computers,” but more formally, Bugcrowd is built around a two-sided security marketplace. . Bugcrowd crowdsources programmers who apply to join the platform by demonstrating their skills. Programmers can be hackers who freelance work only on their projects, or people who work elsewhere and get additional freelance work in their free time. Bugcrowd matches these programmers with ongoing bounty programs among its clients based on their specific skills. These customers, on the other hand, range from other technology companies to businesses and organizations that rely on technology to do their jobs.
In doing all this, Bugcrowd has capitalized on several important trends in the technology industry.
Organizations continue to build the technology to operate. This means more apps, more automation, more integrations, more data moving from the cloud to on-premises servers, from internal users to customers, etc. All of this means more opportunities for mistakes and bugs to occur in your code. For example, where integration can introduce security vulnerabilities. Or maybe some part of your coding just stops working properly. Therefore, more comprehensive work is needed to identify these gaps.
In recent years, a number of new AI-powered security tools have emerged that aim to identify and remediate these gaps in a more comprehensive and automated manner. However, it still does not replace the role of human hackers. Those hackers may work more manually or use automated tools to aid bug-hunting efforts, but they still play a key role in how that technology is directed. It will be. As computer science continues to grow in popularity as a field, more and more smart, technical people are being born around the world who like to meet its challenges, if not for the sake of intellectual pursuits for economic reasons. Masu. The most successful bug bounty hunters can earn millions of dollars.
Jerry said the startup continues to grow more than 40% annually and is approaching $100 million in annual revenue.
The startup was originally founded in Australia by Casey Ellis, Chris Laeske, and Sergei Belokamen, and is now primarily headquartered in San Francisco (Ellis remains with the company as chief strategy officer). (Currently, the company has “well” over 500,000 hackers and counting.) Gerry said the number of hackers is about 50,000 a year, and with two more, it now has about 1,000. have customers ofThe number of clients last year was 00.
“Costanoa has watched BugCloud grow from an innovative concept for early adopters to a power multiplier for today's Fortune 500 companies,” Jim Wilson, partner at Costanoa Ventures, said in a statement. ” he said. “Bugcrowd’s leadership team is comprised of experienced professionals with a deep understanding of cybersecurity trends and a proven ability to navigate industry complexity. Next Growth Under Dave’s Leadership The stages enable us to expand our offering to help security administrators extract even more value from their crowds. We look forward to continuing our partnership with the team and seizing the important opportunities ahead.”