S.F.-based Bugcrowd, a crowdsourced cybersecurity leader, has announced AI Connect and Asset View, two new innovations designed to help security teams tackle the challenges of disconnected data and fragmented workflows, and help them detect, prioritize, and remediate vulnerabilities faster and with greater precision.
Their problem is that as security teams adopt AI-driven tools to automate workflows and scale operations, they often hit a critical roadblock, in that their AI systems lack access to real-time, high-value security data. Without direct integration into bug bounty, penetration test, and red team findings, teams are forced to manually cross-reference reports with internal systems. This slows response times and reduces the accuracy of remediation.
Bugcrowd AI Connect solves this challenge by allowing customers to securely and seamlessly integrate their internal AI stacks with real-time vulnerability data from the Bugcrowd Platform. Acting as a read-only “front door,” AI Connect ensures data stays secure while enabling AI agents to deliver contextualized, trustworthy remediation guidance, which reduces response times and avoidsAI hallucinations, while also eliminating manual developer work and streamlining communication with development teams.
AI Connect is built on the open-source Model Context Protocol (MCP) to give customers direct, live access to their Bugcrowd program data. It provides a native GenAI interface, allowing companies to explore and analyze findings, trends, and program performance within their preferred AI tools – without exporting, transforming, or reloading data.
“Security teams today are racing to scale operations with AI and automation, but they’re often blocked by disconnected data and fragmented workflows,” said Dave Gerry, CEO of Bugcrowd. “With AI Connect and Asset View, we’re removing those roadblocks, giving customers seamless access to their real-time vulnerability data, unified asset visibility, and the ability to prioritize and act on real-world risk faster. These innovations reflect our belief that the future of cybersecurity is proactive, context-driven, and powered by both ethical hackers and intelligent automation, all delivered through one integrated platform.”
Bugcrowd AI Connect solves the challenge of a lack of ability to allow customers to securely and seamlessly integrate their internal AI stacks with real-time vulnerability data from the Bugcrowd Platform. Acting as a read-only “front door,” AI Connect ensures data stays secure while enabling AI agents to deliver contextualized, trustworthy remediation guidance — reducing response times and avoiding AI hallucinations, while also eliminating manual developer work and streamlining communication with development teams.
Built on the open-source Model Context Protocol (MCP), AI Connect gives customers direct, live access to their Bugcrowd program data. It provides a native GenAI interface, allowing companies to explore and analyze findings, trends, and program performance within their preferred AI tools — without exporting, transforming, or reloading data.
AI Connect lets customers fix vulnerabilities faster with advice tailored to their environment based on their actual code, security policies, and internal tools. It also lets them reduce manual effort and response time by automating workflows that plug directly into their AI-Driven tools, and allows them to enforce strict, role-based access, mirroring the exact permissions of each authenticated user in the Bugcrowd Platform.
“Bugcrowd AI Connect isn’t just another AI feature; it’s a foundational capability that empowers our customers to make the most of the tools they already have,” said Braden Russell, Chief Product Officer, Bugcrowd. “We’re giving them the secure building blocks they need to create truly intelligent security automation that works for their specific environment, reinforcing our commitment to an open, flexible, and developer-first ecosystem.”
The other new Bugcrowd solution is Bugcrowd Asset View. It deals with situations where assets are constantly changing, and security teams are often forced to rely on siloed, outdated, or incomplete data. This makes it difficult to scope penetration tests, monitor exposures, apply security fixes, or respond decisively to emerging threats. Natively integrated into the Bugcrowd Platform, Asset View deals with this and turns assets into action by unifying asset discovery, management, scanning, and offensive testing into one seamless experience. Assets are continuously ingested through External Attack Surface Management (EASM) scans or manual uploads, which allow continuous discovery of assets. then enhanced with critical metadata such as exposure status, business criticality, and risk-based prioritization. Once in Asset View, these assets become directly actionable, allowing teams to instantly focus the creativity of the crowd on their most critical targets, prioritize based on real-world risk, and maintain audit readiness with a complete history and status log.
“Effective security testing hinges on knowing what to test, yet many teams struggle with fragmented insights into their ever-changing external digital assets,” said Nick McKenzie, CI&SO, Bugcrowd. “Bugcrowd Asset View directly addresses this by unifying asset discovery, enrichment, and offensive testing into one seamless platform, powered by human ingenuity and real-world attacker insight.”
Bugcrowd lets users join forces with hackers and reduce risk, finding and fixing hidden vulnerabilities faster by accessing the world’s best hackers and pentesters. Crowdsourced intelligence stops breaches before attackers can strike with solutions like Pen Test as a service, Continuous Attack Surface Pen Testing, Red Team as-a-Service, and vulnerability disclosure.
We reduce the risk of breaches by improving security visibility and helping fix potential points of exposure. We digitize security workflows across your SDLC so you can ship safer code faster and use security as a core differentiator. And we curate and activate a diverse community of skilled security researchers and bring the right crowd to your use cases at the right time.
Bugcrowd’s channel is critical in all this.
“We’re well aware that it will take a vibrant partner ecosystem to make that vision real, so we’ve designed our partner program to be as valuable for partners as possible,” said Dave Gerry, Bugcrowd’s CEO. “Bugcrowd is disrupting the way partners leverage the crowd to defend against adversaries. Bugcrowd is 100% committed to enabling, and rewarding, partners on that journey.
Bugcrowd helps their partners succeed by providing access to the multi- solution Bugcrowd Security Knowledge Platform. which brings the full value of crowdsourcing to multiple security goals in a scalable, efficient, and data-driven way. They also augment their services with a unified platform for high- impact Penetration Testing as a Service (PTaaS) for any asset type, best-of-breed Managed Bug Bounty, Managed Vulnerability Intake and Disclosure (as adopted by CISA), and crowd-powered Attack Surface Management, by bringing in exactly the right skilled, crowdsourced talent to their your clients for their needs on demand, and by activating the right crowds at the right times with CrowdMatch ML technology. Partners also co-sell and build integrations with the Bugcrowd platform, making it stickier, and co-sell and co-market to promote an ecosystem of cybersecurity solutions. VARs and MSPs also help customers reduce risk and costs with a unified platform for pen testing, Managed Bug bounty and crowd-powered Attack Surface Management.