Bugcrowd, a San Francisco-based ethical hacking as-a-service platform, has received a significant $102 million investment from venture capital to support its strategic growth. The investment is expected to fuel the development of new services, enhance the Bugcrowd platform, facilitate new hires, and involve recruiting within the hacker community, according to Bugcrowd CEO Dave Gerry.
The investment was led by General Catalyst, with participation from existing investors Rally Ventures and Costanoa Ventures. Mark Crane, a General Catalyst partner, expressed his validation of Bugcrowd’s position in the cybersecurity community as a category-leading company.
Bugcrowd, founded in 2012, has received a total of $90 million in investments. The platform offers services such as bug bounty programs management, vulnerability disclosure, and crowdsourced penetration testing, with the ability to leverage a network of over half a million ethical hackers to identify and responsibly disclose vulnerabilities. Bugcrowd’s customer base includes T-Mobile, OpenAI, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
As part of the investment, General Catalyst Special Advisor Paul Sagan and Jeff Simon, T-Mobile CSO, will join the Bugcrowd board of directors, with Sagan serving as the chair. Similarly, Bugcrowd’s global head of security and trust at Navan, Prabhath Karanth, will join the advisory board. Gerry emphasized the need for customers to access the creativity within the hacker community, stating that Bugcrowd’s customers are often outmatched and require the expertise of ethical hackers.
Gerry highlighted Bugcrowd’s successful fiscal year ending January 31, 2024, during which the company signed 200 new clients, hired 130 employees, and added 50,000 freelancers to its network of crowdsourcing hackers. The size of its penetration testing offering doubled, and payouts to hackers increased by 34%. The company also observed significant demand for crowdsourced security testing in the market.
Bugcrowd is expanding its service offerings to include threat hunting, allowing pen testers to go beyond vulnerability disclosure and describe potential exploits. Gerry stated that Bugcrowd is not aiming to compete with companies in the red teaming space but rather to provide customers with insights into potential attacks based on identified vulnerabilities.
In terms of the company’s future, Gerry mentioned that Bugcrowd plans to remain a private standalone company, focusing on building sustainability rather than seeking an immediate exit such as acquisition or IPO.
Bugcrowd’s latest investment is expected to bolster its position in the cybersecurity market, enabling the company to enhance its services, expand its platform, and address the growing demand for ethical hacking as-a-service. With significant confidence from investors and a strong customer base, Bugcrowd is poised to continue its growth trajectory and maintain its position as a leading ethical hacking platform.