“We think of the bug bounty program as ‘part of this complete breakfast’. You have all these internal activities, and the Bugcrowd program for us is a nice supplement to those things–it catches bugs that our internal testing didn’t catch. It also gives us information in what it doesn’t report.”

“Our bug bounty program is a key part of our security strategy.”

“Security researchers help us by pointing out vulnerabilities that may not have yet been identified, contributing to an improved security posture.”

“Security is the foundation on which users trust Schoology. We are committed to users privacy and it is important that we continue to be a platform that users trust. We partnered with Bugcrowd to make our security program stronger, harnessing the breadth and depth of skilled security testers matched with …

"Softdocs’ partnership with Bugcrowd is a key strategy for securing the Etrieve product for our customers. In today’s threat landscape, focused, crowdsourced attention to our digital footprint is important to securing the integrity and privacy of their data."

"What is amazing about Bugcrowd — With all the security technology and process that we have in place at Motorola we always find bugs when product goes live. Bugcrowd has saved us close to $60 million, simply because we’ve avoided major data breaches in the eyes of our customers."

“We like Bugcrowd’s approach. A structured format for reporting issues helps drive better quality bugs and filter out noise while the handling of bounty payments is a huge time savings for us. Having a third party help manage researchers will be very valuable.”

“The Jira integration was a huge value-add for us. We’ve built our communication channel inside the company is designed all around Jira. The fact that we could bolt on Bugcrowd’s solution to our Jira system and extend that in through our current communication channel made that portion of the transition …

"An underrated benefit of Bugcrowd is the service their Application Security Engineers provide in triaging incoming reports. They free up our Security Engineering Team to focus attention on building security in by design and addressing issues directly with dev teams."

“It’s a win-win situation—either the Crowd finds something we didn’t see, in which case we can fix it. Or they don’t find anything, which validates our efforts.”

"Bugcrowd hit the ground running and partnered with us throughout the process. We saw the first batch of vulnerabilities just a week after finalizing our approach."

“With Bugcrowd we are able to ensure that our communications with researchers is consistent, while also providing our development teams with actionable and validated vulnerabilities. We are excited to extend our program and continue enjoying the benefits of crowdsourced security testing.”

"Bugcrowd is a great partner for us—the researchers are like an extension of our own security team. Working together we can reduce duplication, coordinate responses, and continuously improve the quality and quantity of submissions. A crowd-sourced approach to security helps us to innovate faster and safeguard customer trust and our …

"Magecart attacks, personal data exfiltration, and account takeovers are a concern in the travel industry, so we’re particularly interested in vulnerability reports relating to those areas to keep our customers safe."

“I could have called anyone to get a clean bill of health, but that`s not our business. We called Bugcrowd because we wanted the most in-depth vetting of our security posture. It`s beyond compliance it`s about true risk reduction.”