The Bugcrowd crowdsourcing platform launched Bugcrowd University, an educational platform for security researchers that aims to contribute to the development of bug hunting skills

Bugcrowd University (BCU) was developed with the aim of promoting the development and education of security professionals, sharing the latest technologies and contributing to the development of bug hunting skills. As the name suggests, it is an initiative of Bugcrowd, a recognized crowdsourcing platform in the field of security that links security researchers to companies and/or developers in order to analyze products for bugs prior to launching them on the market (or after launch) and avoid being victims of vulnerability exploits. Bugcrowd is also well known for coordinating bug bounty programs for several of the most recognized brands worldwide.

Each module of Bugcrowd University focuses on techniques and strategies that Bugcrowd believes can represent a huge opportunity for the success of researchers who participate in bug bounty programs.

The first of the five modules launched focuses on web hacking. As published on their website, they have raised content pointing to a high standard. Each module also includes references to external sites with additional information prepared by IT security professionals.

They will be adding more modules to Bugcrowd University over the coming months, and are using the platform to invite the IT security community to comment on the types of content they are interested in. The webinars available are set out below.

There are 5 webinars available

  1. Introduction to Bugcrowd University

There are currently five webinars available. The first is an introduction to Bugcrowd University where they explain what BCU is, how the modules are structured, the basis of the rewards programs, how the laboratory works, prerequisites, tools, and resources. Jason Haddix explains each of these points in the video below.

  1. How to make good submissions

This webinar explains some key points in the process of finding flaws and how to create a good submission from the vulnerability discovered, which includes preparing effective reports.

  1. Security testing and access control

Defined by Open Web Application Security Project (OWASP) as access control, and sometimes called authentication, security testing and access control attempts to determine how a web app achieves access to content and the functions of some users and not others. This webinar is, among other things, an introduction to the prevailing types of access control bugs.

  1. XSS (Cross Site Scripting) vulnerability

The fourth webinar available is about Cross Site Scripting (XSS). This vulnerability is one of the most common bugs on the internet. As explained on the platform, this type of error can be very powerful, especially when combined with other vulnerabilities and techniques. This webinar presents the history of XSS and what can be done with this vulnerability.

  1. Introduction to the Burp suite

Burp is a suite of tools for testing web applications. It is really helpful for pentesters and bug hunters.

Source: HERE

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!