Bugcrowd, the innovator in crowdsourced security testing for the enterprise, today announced it has raised $6 million in a Series A funding round led by Costanoa Venture Capital. Costanoa is joined by existing investors including Rally Ventures, Paladin Capital Group, and Blackbird Ventures.

“As security continues to be a top spending priority for enterprises across the globe, the financial and operational leverage that Bugcrowd’s platform enables is a highly strategic asset,” said Neill Occhiogrosso, Partner at Costanoa Venture Capital.

Bugcrowd will use the funds to further accelerate growth and match the demand for its services by expanding its day-to-day operations staff, including sales and marketing and its world class team of security researchers which currently consists of 15,300 vetted professionals who bring deep and broad areas of expertise to Bugcrowd’s “Crowd.” Funds will also be utilized for continued strategic product development. This round of funding brings the total investment in Bugcrowd to $9 million.

Some of the world’s largest enterprises such as Microsoft, Google and Facebook, have pioneered the self-managed Bug Bounty Program model as a strategic method to help with their Quality Assurance and Vulnerability Assessment efforts to ensure that any flaws that remain in their technology platforms are found and fixed before they can be exploited.

However, outside of these companies with seemingly-limitless resources, self-managing a bug bounty program is not only a daunting task, but is also highly impractical for the remaining 99% of the world’s enterprises based on the requirements necessary to carry out an effective program, which includes either hiring qualified staff or overtaxing what is typically an already-fatigued security team.

“I’ve followed the evolution of the bug bounty market since the earliest days and predicted eventual mainstream adoption,” said Jeremiah Grossman, founder and interim CEO of WhiteHat Security and Bugcrowd Advisor. “Bugcrowd’s traction with more traditional enterprises outside of early tech companies is demonstrating that the market is ready.”

Launched in September 2013, Bugcrowd set out to level the vulnerability assessment playing field by bridging the gap between skilled security researchers and customers in need of effective security testing.

“From day one, our value proposition has rang loud and true as evidenced not only by our strong customer acquisition rate, but by the types of organizations who are trusting us to work with them in this capacity,” said Casey Ellis, CEO and co-founder, Bugcrowd. “Bugcrowd is leading the fully managed crowdsourced security model and bringing it to the masses, so now all organizations can achieve optimal levels of quality assurance and vulnerability assessment without the financial and resource burden of having to try to go at it alone.”

Since the company’s launch, Bugcrowd has achieved some very impressive pre-Series A successes, including:

  • 11.3x revenue growth rate year over year from 2013 to 2014.
  • Bugcrowd has seen swift and strong customer acquisition and currently has run over 160 programs to date.
  • Some well-known customers include: Western Union, Pinterest, Barracuda Networks, Silent Circle (Blackphone), Indeed and more.
  • Significant growth of security researcher “Crowd” from 3,000 in September 2013 to more than 15,000 to date.
  • Key additions to the Bugcrowd team include security industry veterans such as Kymberlee Price and Jeremiah Grossman who recently joined as an advisor.

“Bugcrowd is disrupting the security testing market with a model that delivers significantly better-level vulnerability discovery at a much lower total cost,” said Charles Beeler, General Partner, Rally Ventures. “We’ve been lucky to work with the Bugcrowd team since the early days and have been impressed by their understanding of the market and the speed of adoption by enterprise customers.”

Bugcrowd’s quick penetration across various vertical markets proves that crowdsourced security is no longer just a model that technology companies utilize to strengthen quality assurance and vulnerability assessment processes. Earlier this week, Bugcrowd announced the addition of Western Union as its latest public bug bounty program customer.

To learn more about Bugcrowd, visit www.bugcrowd.com or check out the Bugcrowd blog.