/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsNEW YORK, USA: For three nights, security researchers from 30 countries joined forces to hunt down security issues in software that powers the Internet and some of the world's most commonly used applications.
Hosted by Bugcrowd (www.bugcrowd.com), the leading provider of bug bounty services, the "Bug Bash" was the biggest event of its kind, garnering support from Facebook and the OWASP organization as sponsoring partners. The event was held at AppSec USA (www.appsecusa.org), OWASP's annual North American conference, which was held in NYC, Nov. 18-21.
Global technology companies showed support at the event. Several companies including Facebook, Avast, and Yandex even increased their bounty offerings in conjunction with the Bug Bash to encourage global participation. Additionally, representatives from Facebook, Google, Etsy, Yandex and Prezi were onsite each night to help direct researchers and show support for their respective programs.
Statistics:
- Three days: live at OWASP AppSec USA 2013 and online at Bugcrowd.com (Nov. 18 - 20).
- 100 local participants joined together into teams of 4-5 to identify issues.
- 324 submissions reported by AppSec attendees and Bugcrowd's 4600 global security researchers.
- 49 validated vulnerabilities. 36 of those were reported in only two vendors.
- An estimated $15,000 - $20,000 USD in vulnerability rewards identified and distributed during the event.
Participation and support from Facebook, Google, Evernote, Yahoo, Etsy, Prezi, Tagged.com, LaunchKey, Avast, Yandex.