Bugcrowd, a startup that uses a database of half a million hackers to help OpenAI and the U.S. government set up and run bug bounty programs, which pay freelancers to find bugs and vulnerabilities in code, received a $102 million equity round to grow its business.
Rally Ventures and Costanoa Ventures joined General Catalyst in the investment.
Bugcrowd has received over $180 million, and CEO Dave Gerry stated in an interview that it is “significantly up” from their 2020 $30 million Series D. According to PitchBook, HackerOne, one of the startup’s biggest rivals, was worth $829 million in 2022.
The funding will be used to expand operations in the U.S. and abroad, including M&A, and to add functionality to its platform, which offers bug bounty programs, penetration testing, attack surface management, and hacker training.
This capability is both technological and human.
Gerry calls Bugcrowd “a dating service for people who break computers,” but it is really a two-sided security marketplace. Programmers apply to Bugcrowd by proving their expertise. Coders may be hackers who solely work on freelancing projects or those who work elsewhere but do freelance work in their spare time. Bugcrowd pairs developers with client bounty programs based on their expertise. Meanwhile, their customers include other technology businesses and any business that relies on technology.
Bugcrowd has been capitalizing on two major technical advancements.
More applications, automations, integrations, and data are flowing from clouds to on-premises servers, from internal users to consumers, and more as organizations create more technology. That implies more potential for code errors or bugs, where an integration may cause a security risk or stop operating properly, and more effort to detect such gaps.
AI-powered security technologies have proliferated in recent years to discover and fix such flaws more efficiently. But human hackers are still needed. These hackers may labor manually or utilize automated tools to bug-hunt, but they will still have a major impact on how that technology is used. As computer science becomes more popular, more brilliant and technical individuals throughout the globe want to rise to that challenge, if not intellectually, then financially. The best bug bounty hunters earn millions.
Gerry claimed the firm is reaching $100 million in annual sales and rising over 40% annually.
After being founded in Australia by Casey Ellis, Chris Raethke, and Sergei Belokamen (Ellis remains chief strategy officer), the business is currently based in San Francisco. Gerry claimed it had “well over” 500,000 hackers and is adding 50,000 every year, as well as 1,000 customers after adding 200 last year.
“Costanoa has watched Bugcrowd grow from an innovative concept for early adopters to being a force multiplier for Fortune 500 companies today,” said Costanoa Ventures partner Jim Wilson. Bugcrowd’s executive team includes cybersecurity specialists with a thorough awareness of trends and a track record of navigating industry difficulties. Under Dave’s direction, they may increase their product offerings to help security executives gain more from the crowd. We look forward to working with the team to seize the big opportunities.”
