“By adding the power of the talented researcher community to our Product Security program, we’ve learned a lot about how people outside the company think about our products, additional scenarios where products can be at risk and what else we could do to protect our products. We’ve used this information …

“At Okta, we’re squarely focused on customer success. For my security team, that translates directly to customer security and assurance. Our private bug bounty program with Bugcrowd expanded coverage of my internal attack team by adding a solid bench of diversity and breadth of capabilities.”

"Unlike a scheduled penetration test, time is not a factor. And given the number of researchers on the Bugcrowd platform this means eventually the majority of customer facing applications end up being discovered and further tested. This allows us to ‘even up’ the playing field between security testers and the …

"Their testers dig deep in their testing. Not only will they take a URL and test it for many days, but they have also found what other systems have not identified. No system can be proven to have zero vulnerabilities, so continuous testing at this level of depth is great."

“I could have called anyone to get a clean bill of health, but that`s not our business. We called Bugcrowd because we wanted the most in-depth vetting of our security posture. It`s beyond compliance it`s about true risk reduction.”

“With Bugcrowd we are able to ensure that our communications with researchers is consistent, while also providing our development teams with actionable and validated vulnerabilities. We are excited to extend our program and continue enjoying the benefits of crowdsourced security testing.”

“It’s a no brainer. You’re getting a much larger pool of people with different back grounds. Whether they’re cloud or mobile or firmware and they’re looking at the product. You get a much better sense of the quality and security of the device rather than going to one or two …

"We have found our engagement with Bugcrowd to be valuable. We have received useful submissions that we would never have found with our automated scanning tools. It has been a great addition to our overall security toolkit."

“We think of the bug bounty program as ‘part of this complete breakfast’. You have all these internal activities, and the Bugcrowd program for us is a nice supplement to those things–it catches bugs that our internal testing didn’t catch. It also gives us information in what it doesn’t report.”

"We quickly felt safe to take our program public with Bugcrowd. We value the way Bugcrowd finds the right hackers with the right expertise for our programs."

"What is amazing about Bugcrowd — With all the security technology and process that we have in place at Motorola we always find bugs when product goes live. Bugcrowd has saved us close to $60 million, simply because we’ve avoided major data breaches in the eyes of our customers."

“It’s huge to be able to directly push vulnerabilities into our Jira queue. We don’t have to treat it any differently, depending on what part of our application is affected, a ticket is created and tasked to the team responsible for building it.”

"The number of Bugcrowd findings is a true measure of our maturity as a company. I want to get to a point in the not too distant future where I am showing a graph at every board meeting that shows a meager number of Bugcrowd findings and not for lack …

"Softdocs’ partnership with Bugcrowd is a key strategy for securing the Etrieve product for our customers. In today’s threat landscape, focused, crowdsourced attention to our digital footprint is important to securing the integrity and privacy of their data."

“We have used other security programs in the past to supplement our internal security audits but these were costly and happened one to two times per year at best. With Bugcrowd, we’ve added an always-on approach to security.”