A Sydney-founded cybersecurity company that has unlocked “an army of allies to outsmart an army of adversaries” by crowdsourcing ethical hackers has announced a US$102 million ($156.5 million) raise, bolstering Bugcrowd’s plans to accelerate growth across multiple regions and find strategic acquisition opportunities.
Bugcrowd, founded by Casey Ellis in 2012 in Sydney where it went through the then recently-established Startmate accelerator program before moving its headquarters to the US the following year, has raised an estimated US$185 million ($284 million) to date.
The latest round was led by General Catalyst with participation from longtime existing investors Rally Ventures and Costanoa Ventures. Other existing backers include Blackbird Ventures, Industry Ventures, Paladin Capital Group, Salesforce Ventures and Triangle Peak Partners.
Ellis first had the idea for Bugcrowd during a flight from Melbourne to Sydney as the culmination of discussions around the embryonic trend of “bug bounty programs”, whereby ethical hackers are paid rewards if they can detect cyber security vulnerabilities or bugs in a program.
The entrepreneur’s original plan was to connect the latent potential of those who hack in good-faith, and the business model evolved into the pioneering of a crowdsourced cybersecurity space and a multi-solution Software as a Service (SaaS) platform.
By late 2022 when Bugcrowd promoted its COO and former White Hat Security head of global operations Dave Gerry to the position of CEO, the company had “annihilated” around 200,000 vulnerabilities with its community of security experts receiving more than US$80 million in rewards and payments.
In 2023 alone, customers found almost 23,000 high-impact vulnerabilities using the Bugcrowd Platform, helping to prevent potential breach-related costs of up to $100 billion.
Gerry says that in 2023 the team grew by 130 members – up from more than 280 in late 2022 – and added more than 200 new clients including names such as OpenAI, T-Mobile, Rapyd, and ExpressVPN, taking the total number of clients to nearly 1,000.
These achievements contributed to annual revenue growth of 40 per cent, while the company’s Pen Test as a Service (PTaaS) business nearly doubled.
“In a landscape where threat actors increasingly deploy sophisticated AI techniques, Bugcrowd’s proactive approach to cybersecurity utilises a crowdsourced AI-powered platform. This empowers organisations to identify and remediate security vulnerabilities before malicious actors can exploit them,” Gerry says.
“Our mission to redefine crowdsourced security is at the core of what we do, and this strategic investment underscores the dedication of our incredible team, the collaborative hacker community, and the trust our customers place in Bugcrowd’s innovative approach to proactive security.
“This latest investment gives us the resources we need to continue to be the leading force in the crowdsourced security market.”
Following the funding round, Bugcrowd will welcome General Catalyst’s partner Mark Crane and senior advisor Paul Sagan to the board, with the latter also becoming board chair.
“At this critical juncture for the company, marked by substantial growth and market expansion, along with a rapidly expanding team comprising industry leaders and a community of top-tier hackers, I look forward to providing ongoing support as Bugcrowd enables a new era of cybersecurity,” says Sagan.
Gerry adds that the advisory board will also welcome Jeff Simon, chief security officer at T-Mobile, and Prabhath Karanth, vice president and global head of security and trust at Navan, serving alongside David Fairman, CIO & CSO – APAC at Netskope.
“Protecting customers, partners and employees is a top priority at T-Mobile, and one of the ways we’re doing that is by making hackers our allies as we find additional ways to protect information,” says Jeff Simon of T-Mobile.
“We relaunched our bug bounty program with Bugcrowd for their best-in-class triage team and direct access to elite hackers, which have helped us strengthen our overall security.”
Costanoa Partners partner Jim Wilson highlights Bugcrowd’s growth from an “innovative concept for early adopters to being a force multiplier for Fortune 500 companies today”.
“Bugcrowd’s leadership team brings together seasoned experts with a deep understanding of cybersecurity trends and a proven ability to navigate the complexities of the industry,” says Wilson.
“This next stage of growth under Dave’s leadership will allow them to expand their product offerings to help security executives get even more value from the crowd. We are excited to continue our partnership with the team to capture the significant opportunities ahead.”
Founder Casey Ellis says the latest investment and partnership positions the Bugcrowd platform, customers and the hacker community for incredible growth and success, both economically and also towards the “shared goal of helping defenders worldwide better protect themselves and their users”.
“What I love most about this investment is that General Catalyst recognizes that it was never just about bug bounty – our mission has always been to put the creativity of a crowd of allies in the hands of defenders in as many ways as we can in order to outwit a constantly changing crowd of adversaries in a constantly evolving technological landscape,” Ellis says.
“This partnership enables the next phase of the category that Bugcrowd pioneered and signals our commitment to continuing to define and dominate it.”
Get our daily business news
Sign up to our free email news updates.
Help us deliver quality journalism to you.
As a free and independent news site providing daily updates
during a period of unprecedented challenges for businesses everywhere
we call on your support