57 Bugcrowd Testimonials

“It’s a no brainer. You’re getting a much larger pool of people with different back grounds. Whether they’re cloud or mobile or firmware and they’re looking at the product. You get a much better sense of the quality and security of the device rather than going to one or two people.”

"The cybersecurity landscape constantly evolves, demanding fresh approaches to identifying and addressing unique vulnerabilities. This bug bounty program allows BigCommerce to expand diversity beyond our global workforce. By partnering with external researchers who have different backgrounds and experiences, we are confident that we can mature our company’s security practices and better protect our employees and customers."

"Unlike a scheduled penetration test, time is not a factor. And given the number of researchers on the Bugcrowd platform this means eventually the majority of customer facing applications end up being discovered and further tested. This allows us to ‘even up’ the playing field between security testers and the technology teams."

“The hacker community can outrun threat actors at an unprecedented pace. Not even the largest security teams can do what Bugcrowd can achieve.”

"National Australia Bank wanted to establish a formal and uniform way for security researchers to disclose potential vulnerabilities."

“Bugcrowd pen testing gives me, my team, and our clients complete peace of mind that BeeBole is up and running securely."

“We have used other security programs in the past to supplement our internal security audits but these were costly and happened one to two times per year at best. With Bugcrowd, we’ve added an always-on approach to security.”

“With Bugcrowd we are able to ensure that our communications with researchers is consistent, while also providing our development teams with actionable and validated vulnerabilities. We are excited to extend our program and continue enjoying the benefits of crowdsourced security testing.”

“It’s huge to be able to directly push vulnerabilities into our Jira queue. We don’t have to treat it any differently, depending on what part of our application is affected, a ticket is created and tasked to the team responsible for building it.”

“We’re dealing with customers who trust us with the security of their applications, assets, and user data. We need to demonstrate how we’re protecting their data, so for us, being a step ahead of that is very important. That’s why a service like Bugcrowd is perfect for us.”

“By adding the power of the talented researcher community to our Product Security program, we’ve learned a lot about how people outside the company think about our products, additional scenarios where products can be at risk and what else we could do to protect our products. We’ve used this information to put a sharper focus on the areas of greatest risk, which has been invaluable to us as we scale.”

“Our bug bounty plays a key role in our Product Security program. It has helped us to define and shape this program. We are getting access to a large talent pool who are incentivized to test, find and report security vulnerabilities on our platform. This is a win-win situation for everyone.”

"Bugcrowd does a wonderful job weeding out the noise so we can get to the real issues."

“Security is the foundation on which users trust Schoology. We are committed to users privacy and it is important that we continue to be a platform that users trust. We partnered with Bugcrowd to make our security program stronger, harnessing the breadth and depth of skilled security testers matched with an incredibly powerful platform and team.”

"We quickly felt safe to take our program public with Bugcrowd. We value the way Bugcrowd finds the right hackers with the right expertise for our programs."