SecurityBrief US - Technology news for CISOs & cybersecurity decision-makers
United States
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Cybersecurity
#
Threat intelligence
#
Insider threats

Bugcrowd unveils crowdsourced red team to boost security

Today
Author image
By Jed Nykolle Harme, Editor

Bugcrowd has introduced a crowdsourced Red Team as a Service (RTaaS) solution, allowing organisations to simulate real-world cyber attacks by drawing upon a worldwide network of vetted ethical hackers.

This new service enables customers to carry out a variety of red team engagements fully managed through the Bugcrowd platform. These engagements are designed to replicate adversarial tactics, techniques, and procedures (TTPs) used by malicious attackers, providing insights into an organisation's readiness to respond to security breaches.

Through the RTaaS offering, Bugcrowd extends red team services that were previously only accessible to large organisations able to invest in security consultants or maintain a significant in-house security workforce. With this approach, customers can tailor engagements according to specific security needs, budget requirements, and organisational maturity, using Bugcrowd's global pool of ethical hacking talent.

"Traditionally, red teaming was only possible for large organizations that could either afford the services of security consultants or had a sizable security workforce to manage the workload alongside daily operations—and even then, findings were too often not actionable. Bugcrowd's industry-first offensive crowdsourced RTaaS bridges this critical security gap, opening the door for our customers to access high-end capabilities that deliver crucial insights into their defensive posture—continuously. Bugcrowd was founded on the bug bounty hunter mindset, an objective that aligns perfectly with Red Team operators. This launch is a significant milestone for Bugcrowd as it brings a pioneering solution to life. We are excited to see the power of The Crowd in action in RTaaS and enhance our customers' always-on approach to security testing," Dave Gerry, Chief Executive Officer at Bugcrowd, commented on the development.

RTaaS is integrated into the Bugcrowd platform alongside existing offerings such as Penetration Testing as a Service, Managed Bug Bounty, and Vulnerability Disclosure Programmes. The platform allows clients to scale their red team activities over time and select the expertise most relevant to address their threat landscape, regulatory environment, and budget.

The service emphasises the use of up-to-date threat intelligence and risk profiling to create regulation-ready engagement scenarios. Ethical hackers acting as operators mimic behaviours typical of nation-state actors, organised cybercriminals, and insider threats to challenge an organisation's ability to detect, respond to, and contain complex attack campaigns.

"As a hacker, I'm genuinely excited about Bugcrowd's new Red Team as a Service (RTaaS) offering. RTaaS builds on the strengths of traditional bug bounty and Penetration Testing as a Service, taking them to the next level by allowing organizations to safely test their defenses against real-world attack scenarios. Red Teaming is the most effective way to evaluate how well an organization's layered security controls work together to create a true defense-in-depth strategy—and to safely identify any gaps. By simulating realistic attacks in a structured, controlled environment, RTaaS is a great way for cybersecurity teams to demonstrate the value of a strong security posture to both the business and its leadership," Matt Byrdwell, known as Nerdwell, an ethical researcher and hacker with Bugcrowd, shared his perspective on the launch.

Key features available through Bugcrowd's RTaaS include threat intelligence alignment with realistic scenarios, attack simulations drawn from a diverse pool of skilled operators, and workflow integration that provides attack chains, narratives, and detailed findings linked to root causes and specific security controls. The platform supports flexible, scalable engagement models to accommodate a range of budgets and compliance needs, with options such as day-rate engagements, reward pools, and ongoing testing.

According to Bugcrowd, the persistent and sophisticated nature of cybercriminal activities has led to rising breach costs and increased complexity within enterprise environments. RTaaS has been positioned as a component of organisational security strategies to address these evolving challenges, extending beyond the reach of traditional vulnerability assessments and penetration tests by more closely replicating real-world attack conditions.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Skyfire & Cequence partner to enable secure AI agent access
AttackIQ launches Academy Enterprise for cybersecurity training
AI & machine learning power new cyber threat defence tools
World IP Day: Streaming platform security - safeguarding the future of music distribution
Girls in ICT Day: The AI-powered future of cybersecurity leadership
Top stories
NetFoundry raises $12M to enhance secure networking
SOCRadar launches Copilot AI to aid security teams
AI’s impact on cybersecurity for the Australian federal election
X-PHY unveils real-time on-device deepfake detection tool
Checkmarx One brings cloud security tools directly into IDEs