"National Australia Bank wanted to establish a formal and uniform way for security researchers to disclose potential vulnerabilities."

"When protecting against 21st century threats, you need a 21st century solution."

"The number of Bugcrowd findings is a true measure of our maturity as a company. I want to get to a point in the not too distant future where I am showing a graph at every board meeting that shows a meager number of Bugcrowd findings and not for lack …

"We have found our engagement with Bugcrowd to be valuable. We have received useful submissions that we would never have found with our automated scanning tools. It has been a great addition to our overall security toolkit."

“We decided to run a bug bounty program in order to get access to a wide variety of security testers. Hiring security researchers is very difficult in today’s market, and even if you can find one, chances are good that person will be a specialist in only one or two …

"We quickly felt safe to take our program public with Bugcrowd. We value the way Bugcrowd finds the right hackers with the right expertise for our programs."

“I could have called anyone to get a clean bill of health, but that`s not our business. We called Bugcrowd because we wanted the most in-depth vetting of our security posture. It`s beyond compliance it`s about true risk reduction.”

"Their testers dig deep in their testing. Not only will they take a URL and test it for many days, but they have also found what other systems have not identified. No system can be proven to have zero vulnerabilities, so continuous testing at this level of depth is great."

"By adding a managed bug bounty program through Bugcrowd, we are adding one more layer to our security program."

"By working with Bugcrowd, we’ve been able to continuously improve our security metrics and maturity, ensuring we maintain customer trust in the Directly platform, which is vital for our reputation and continued growth."

“Bugcrowd identified solutions and workflows that fit nicely into our company and current process.”

“With Bugcrowd we are able to ensure that our communications with researchers is consistent, while also providing our development teams with actionable and validated vulnerabilities. We are excited to extend our program and continue enjoying the benefits of crowdsourced security testing.”

"An underrated benefit of Bugcrowd is the service their Application Security Engineers provide in triaging incoming reports. They free up our Security Engineering Team to focus attention on building security in by design and addressing issues directly with dev teams."

“It’s a win-win situation—either the Crowd finds something we didn’t see, in which case we can fix it. Or they don’t find anything, which validates our efforts.”

"Bugcrowd hit the ground running and partnered with us throughout the process. We saw the first batch of vulnerabilities just a week after finalizing our approach."