Crowdfense
| ISIN | 🆔 |
|---|---|
| Founded 📆 | 2017[1] |
| Founder 👔 | |
| Headquarters 🏙️ | , Abu Dhabi , United Arab Emirates |
Area served 🗺️ | |
| Members | |
Number of employees | 30 (2019)[2] |
| 🌐 Website | www |
| 📇 Address | |
| 📞 telephone | |
Crowdfense is an information security company based in Abu Dhabi, United Arab Emirates, established in 2017.[3] The company was founded by CEO Andrea Zapparoli Manzoni.[4] Crowdfense purchases zero-day exploits from security researchers in a purported bug bounty program, then sells the exploits to government customers, acting as a broker.[5]
History
Crowdfense was founded in early 2017 and in May 2018 Intelligence Online reported that the governments of the UAE and Saudi Arabia funded its operations.[6] Later in 2018, the company announced a $10 million fund to post iPhone bounties for $3 million.[7] In August 2023, Intelligence Online reported that Crowdfense underwent a small strategic revolution to enhance its vulnerability research capabilities.[8] In April 2024, the company expanded its Exploit Acquisition Program to offer up to $30 million in total rewards, extending its scope to cover enterprise software, messengers, and Wi-Fi/baseband exploits.[9][10]
Services
Crowdfense operates a Vulnerability Research Hub (VRH), an online platform where security researchers submit vulnerabilities for evaluation and receive rewards.[11] The company also offers an n-day vulnerability intelligence feed for both blue and red teams, developing weaponized exploits for publicly known vulnerabilities with expert analysis.[12] In March 2024, following months of internal restructuring, Crowdfense rebooted its bug bounty programme-introducing an even larger exploit-purchase package than in prior rounds.[13]
Corporate governance
Andrea Zapparoli Manzoni left Crowdfense in January 2024, following his replacement as CEO by Paolo Stagno.[14] Paolo Stagno serves as Executive Director and Director of Research at Crowdfense.[15][16]
Controversy
In June 2018, Business & Human Rights Resource Centre noted that while Crowdfense pledged to sell exploits only to countries with strong human rights records, its base in the UAE-a country criticized for human rights abuses-raised questions about the firm's self-imposed ethics policy.[17]
See also
References
- ↑ "About Us - Crowdfense". Retrieved 2025-04-14.
- ↑ "Vita da cacciatore di bachi informatici. "Vi racconto il grande mercato dello spionaggio digitale"". la Repubblica (in italiano). 2019-08-05. Retrieved 2025-04-03.
- ↑ "About Us - Crowdfense". Retrieved 2025-04-14.
- ↑ Cox, Joseph (2019-03-07). "As Phones Get Harder to Hack, Zero Day Vendors Hunt for Router Exploits". VICE. Retrieved 2025-04-03.
- ↑ Franceschi-Bicchierai, Lorenzo (2018-04-25). "Startup Offers $3 Million to Anyone Who Can Hack the iPhone". Vice. Retrieved 2024-06-23.
- ↑ "Emerging SIGINT powers seek own cyber-bounty hunters". Intelligence Online. 2018-05-16. Retrieved 2025-04-03.
- ↑ Franceschi-Bicchierai, Lorenzo (2024-04-06). "Price of zero-day exploits rises as companies harden products against hackers". TechCrunch. Retrieved 2024-06-23.
- ↑ "UAE: Abu Dhabi-based vulnerability researcher Crowdfense undergoes a small revolution". Intelligence Online. 2023-08-30. Retrieved 2025-04-03.
- ↑ "Crowdfense expands exploit acquisition program". SC Media. 2024-04-09. Retrieved 2025-04-14.
- ↑ Arghire, Ionut (2024-04-08). "Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits". SecurityWeek. Retrieved 2025-04-14.
- ↑ "About Us - Crowdfense". Retrieved 2025-04-14.
- ↑ "N-day feed". Crowdfense. Retrieved 2025-04-14.
- ↑ "Crowdfense reboots bug bounty programme". Intelligence Online. 2024-03-22. Retrieved 2025-04-14.
- ↑ "Shake-up of market for zero-day vulnerabilities". Intelligence Online. 2024-01-30. Retrieved 2025-04-14.
- ↑ "Paolo Stagno - LinkedIn". LinkedIn. Retrieved 2025-04-14.
- ↑ "Paolo Stagno, aka VoidSec". Retrieved 2025-04-14.
- ↑ Howell O'Neill, Patrick (2018-06-12). "UAE: Cyber-security company exclusively serves countries that respect human rights, despite being based in a serial violator of these rights". Business & Human Rights Resource Centre. Retrieved 2025-04-14.
This article "Crowdfense" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:Crowdfense. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.
