"By working with Bugcrowd, we’ve been able to continuously improve our security metrics and maturity, ensuring we maintain customer trust in the Directly platform, which is vital for our reputation and continued growth."

"Bugcrowd has helped our organization remediate potential security vulnerabilities with an estimated impact of $158 million, based on all triaged submissions."

“We think of the bug bounty program as ‘part of this complete breakfast’. You have all these internal activities, and the Bugcrowd program for us is a nice supplement to those things–it catches bugs that our internal testing didn’t catch. It also gives us information in what it doesn’t report.”

“We decided to run a bug bounty program in order to get access to a wide variety of security testers. Hiring security researchers is very difficult in today’s market, and even if you can find one, chances are good that person will be a specialist in only one or two …

“We have used other security programs in the past to supplement our internal security audits but these were costly and happened one to two times per year at best. With Bugcrowd, we’ve added an always-on approach to security.”

“We like Bugcrowd’s approach. A structured format for reporting issues helps drive better quality bugs and filter out noise while the handling of bounty payments is a huge time savings for us. Having a third party help manage researchers will be very valuable.”

“The Jira integration was a huge value-add for us. We’ve built our communication channel inside the company is designed all around Jira. The fact that we could bolt on Bugcrowd’s solution to our Jira system and extend that in through our current communication channel made that portion of the transition …

"An underrated benefit of Bugcrowd is the service their Application Security Engineers provide in triaging incoming reports. They free up our Security Engineering Team to focus attention on building security in by design and addressing issues directly with dev teams."

“It’s a win-win situation—either the Crowd finds something we didn’t see, in which case we can fix it. Or they don’t find anything, which validates our efforts.”

"Bugcrowd hit the ground running and partnered with us throughout the process. We saw the first batch of vulnerabilities just a week after finalizing our approach."

“Bugcrowd identified solutions and workflows that fit nicely into our company and current process.”

“We want to encourage independent security researchers to reach out to us and share what they’ve found so that we can fix it before it becomes an issue for our consumers.”

"By adding a managed bug bounty program through Bugcrowd, we are adding one more layer to our security program."

“The biggest benefit we see from Bugcrowd is the team’s ability to help in managing the bug bounty program so that once reports get to our security team, the are already deduped, validated and triaged. All our security team has to do is fix the bug. Bugcrowd has the best …

“The hacker community can outrun threat actors at an unprecedented pace. Not even the largest security teams can do what Bugcrowd can achieve.”