Exclusive: Top Hackers-For-Hire Startup Names New CEO
Bugcrowd, one of the world’s top bug bounty startups, is set to name a new chief executive on Monday.
Casey Ellis, the erstwhile CEO, told Fortune this weekend that he is stepping aside to become chairman and chief technology officer of the firm he founded in 2012. His replacement will be Ashish Gupta, former chief marketing officer and executive vice president of Infoblox (BLOX), a Santa Clara, Calif.-based cybersecurity company that helps businesses manage their IT networks.
Ellis said that he has been searching for his replacement for the past six months. He decided to bring someone on board to run the business so that he could instead focus on the technical product.
“Oftentimes this happens because the board suddenly flips out—the kid’s got to go, we need a grownup in the room. That’s not what happened here,” Ellis said.
Get Data Sheet, Fortune’s technology newsletter
“I feel quite proud of what I was able to do but, truth be told, it’s not what I’m absolutely passionate about,” Ellis continued. He noted that he prefers the engineering and product strategy side to handling financials, HR, and other aspects of the CEO job.
“It has been one of those—I don’t want to say difficult decisions—but it has been a heavy one, an important one,” Ellis said.
Bugcrowd connects hackers to companies so that the former can get paid for reporting and helping fix vulnerabilities in the latter’s products. (For more insight into bug hunting, read this feature story in the July issue of Fortune magazine.) Bugcrowd works with customers such as Mastercard (MA), Pinterest, and Fiat Chrysler of America (FCAU) to bolster their security programs.
Bug bounties have become a hot trend in the security world of late. Tech firms like Google (GOOG), Facebook (FB), and Microsoft (MSFT) were early to the game, but now everyone from Apple (AAPL) to the Pentagon to United Airlines (UAL) has tried one out.
Bugcrowd is one of two main bug bounty startups that create software to facilitate a market between security researchers and clients. Its rival—the McDonald’s to its Burger King, or Coca-Cola to its Pepsi—is HackerOne, which incidentally also brought on a non-founder CEO to scale its business two years ago. (You can watch a clip of Mårtin Mickos, HackerOne’s CEO, at this year’s Fortune’s Brainstorm Tech conference here.)
In a statement to Fortune, new CEO Gupta praised “Casey’s vision,” applying crowdsourcing to the problem of security research and vulnerability testing. “I am delighted to join Bugcrowd,” he said.
Art Coviello, partner at Rally Ventures, Bugcrowd board member, and former president of cybersecurity firm RSA, wrote in an email to Fortune that Gupta is “a tremendous talent with the kind of sales and marketing expertise we need to take us to the next level.”
To date, Bugcrowd has 60,000 security researchers enrolled on its platform. The company’s headcount tripled to 110 from around 35 a year ago.
Ellis, an Aussie entrepreneur who has been investing in cybersecurity startups and advising entrepreneurs on the side, said that he plans to make teaching “how to replace yourself” part of his mentorship.
“It’s an inherently awkward thing to do optically,” Ellis told Fortune. “It’s a hard thing to do, but it’s a good one.”