Bugcrowd Secures $102 Million in Funding to Enhance Bug Bounty Programs
Bugcrowd, a startup leveraging a network of over half a million ethical hackers to assist organizations like OpenAI and the U.S. government in managing bug bounty programs—rewarding freelancers for identifying software vulnerabilities—has secured a significant investment of $102 million in equity funding. This round is led by General Catalyst, with contributions from existing investors Rally Ventures and Costanoa Ventures.
To date, Bugcrowd has raised over $180 million. While the valuation remains undisclosed, CEO Dave Gerry noted in an interview that it has “significantly increased” since their last funding round in 2020, which raised $30 million in Series D financing. For context, Bugcrowd's main competitor, HackerOne, was valued at $829 million in 2022, according to PitchBook data.
The new funding will primarily be utilized to broaden Bugcrowd’s operations in the U.S. and globally, potentially involving mergers and acquisitions. Additionally, it aims to enhance its platform's functionality, which, besides bug bounty programs, also includes penetration testing, attack surface management, and hacker training to boost skillsets.
This expanded functionality addresses both technical and human aspects of cybersecurity. Gerry humorously describes Bugcrowd as “a dating service for people who break computers,” but its foundation is a two-sided security marketplace. Bugcrowd invites coders to join its platform by showcasing their skills. These coders could be full-time professionals seeking freelance opportunities or dedicated freelancers. Bugcrowd then aligns these skilled individuals with suitable bounty programs designed for its clients, which include technology firms and various enterprises reliant on tech.
In pursuing this model, Bugcrowd is capitalizing on significant trends within the tech industry. With organizations increasingly reliant on technology, the demand for more applications, automation, and integrations also rises, resulting in the heightened potential for coding errors and vulnerabilities. This creates an urgent need for robust solutions to identify and rectify these gaps.
Despite the proliferation of AI-powered security tools designed to automatically detect vulnerabilities, the invaluable role of human hackers remains unchanged. Whether they conduct manual testing or employ automated tools in their bug-hunting efforts, ethical hackers are crucial in guiding security initiatives. As interest in computer science grows, a new generation of skilled tech professionals is ready to meet these challenges, with top bug bounty hunters earning substantial incomes.
Gerry shared that Bugcrowd has experienced an annual growth rate exceeding 40% and is nearing $100 million in yearly revenue.
Originally established in Australia by Casey Ellis, Chris Raethke, and Sergei Belokamen (with Ellis serving as Chief Strategy Officer), Bugcrowd now primarily operates out of San Francisco. The platform features “well over” 500,000 hackers, with an annual addition of around 50,000, and has onboarded approximately 1,000 customers, including 200 new clients in the past year.
“Costanoa has watched Bugcrowd evolve from an innovative concept for early adopters into a major player for Fortune 500 companies,” stated Jim Wilson, partner at Costanoa Ventures. “With a leadership team seasoned in cybersecurity trends and industry complexities, this next growth phase under Dave’s leadership will enable them to enhance their product offerings, helping security executives extract even more value from the crowd. We are excited to continue our partnership and capitalize on the tremendous opportunities ahead.”
Ranking
