51 Bugcrowd Testimonials

“Bugcrowd’s Vulnerability Disclosure Program is one of the best value-for-money services that we have. The annual cost of the program is the same cost of one traditional penetration test and the VDP has given us around a 100-fold increase in actionable intelligence.”

“It’s huge to be able to directly push vulnerabilities into our Jira queue. We don’t have to treat it any differently, depending on what part of our application is affected, a ticket is created and tasked to the team responsible for building it.”

“We want to be transparent with existing and potential customers with the lengths we go to in order to protect their privacy and security and are excited to tap on the expertise of thousands of Bugcrowd researchers.”

“We want to encourage independent security researchers to reach out to us and share what they’ve found so that we can fix it before it becomes an issue for our consumers.”

"Their testers dig deep in their testing. Not only will they take a URL and test it for many days, but they have also found what other systems have not identified. No system can be proven to have zero vulnerabilities, so continuous testing at this level of depth is great."

“It’s a no brainer. You’re getting a much larger pool of people with different back grounds. Whether they’re cloud or mobile or firmware and they’re looking at the product. You get a much better sense of the quality and security of the device rather than going to one or two people.”

“Bugcrowd pen testing gives me, my team, and our clients complete peace of mind that BeeBole is up and running securely."

“The biggest benefit we see from Bugcrowd is the team’s ability to help in managing the bug bounty program so that once reports get to our security team, the are already deduped, validated and triaged. All our security team has to do is fix the bug. Bugcrowd has the best managed services.”

“We looked at several programs, but Bugcrowd offered the best services for validating submissions while avoiding spurious effort."

"The number of Bugcrowd findings is a true measure of our maturity as a company. I want to get to a point in the not too distant future where I am showing a graph at every board meeting that shows a meager number of Bugcrowd findings and not for lack of attention but due to our focus on enhancing our application security."

"Indeed’s Security and R&D teams were impressed by the results of our first Bug Bash event with Bugcrowd’s global community of security researchers,” said Anthony Moisant, Chief Security Officer, and Chief Information Officer for Indeed. “With the help of the Bugcrowd community and platform, we’ve been able to continue strengthening our security posture and work together to protect the information of job seekers and employers."

“We have used other security programs in the past to supplement our internal security audits but these were costly and happened one to two times per year at best. With Bugcrowd, we’ve added an always-on approach to security.”

"The cybersecurity landscape constantly evolves, demanding fresh approaches to identifying and addressing unique vulnerabilities. This bug bounty program allows BigCommerce to expand diversity beyond our global workforce. By partnering with external researchers who have different backgrounds and experiences, we are confident that we can mature our company’s security practices and better protect our employees and customers."

“We’re dealing with customers who trust us with the security of their applications, assets, and user data. We need to demonstrate how we’re protecting their data, so for us, being a step ahead of that is very important. That’s why a service like Bugcrowd is perfect for us.”

"Combining pen testing and bug bounty through Bugcrowd helps our team meet immediate security requirements while proactively reducing risk. It gives us the scale and agility to stay ahead of today’s biggest threats and tomorrow’s unknown challenges."