57 Bugcrowd Testimonials

"The cybersecurity landscape constantly evolves, demanding fresh approaches to identifying and addressing unique vulnerabilities. This bug bounty program allows BigCommerce to expand diversity beyond our global workforce. By partnering with external researchers who have different backgrounds and experiences, we are confident that we can mature our company’s security practices and better protect our employees and customers."

“With many companies doing continuous integration, pushing code every day, and utilizing new open source repositories, it's becoming a necessity to crowdsource testing. Utilizing Bugcrowd's researchers levels the playing field, and helps Pinterest find and fix vulnerabilities proactively instead of reactively.”

“Our bug bounty plays a key role in our Product Security program. It has helped us to define and shape this program. We are getting access to a large talent pool who are incentivized to test, find and report security vulnerabilities on our platform. This is a win-win situation for everyone.”

“We have used other security programs in the past to supplement our internal security audits but these were costly and happened one to two times per year at best. With Bugcrowd, we’ve added an always-on approach to security.”

“We think of the bug bounty program as ‘part of this complete breakfast’. You have all these internal activities, and the Bugcrowd program for us is a nice supplement to those things–it catches bugs that our internal testing didn’t catch. It also gives us information in what it doesn’t report.”

"We quickly felt safe to take our program public with Bugcrowd. We value the way Bugcrowd finds the right hackers with the right expertise for our programs."

"We have found our engagement with Bugcrowd to be valuable. We have received useful submissions that we would never have found with our automated scanning tools. It has been a great addition to our overall security toolkit."

“The biggest benefit we see from Bugcrowd is the team’s ability to help in managing the bug bounty program so that once reports get to our security team, the are already deduped, validated and triaged. All our security team has to do is fix the bug. Bugcrowd has the best managed services.”

"What is amazing about Bugcrowd — With all the security technology and process that we have in place at Motorola we always find bugs when product goes live. Bugcrowd has saved us close to $60 million, simply because we’ve avoided major data breaches in the eyes of our customers."

“It’s a no brainer. You’re getting a much larger pool of people with different back grounds. Whether they’re cloud or mobile or firmware and they’re looking at the product. You get a much better sense of the quality and security of the device rather than going to one or two people.”

"Bugcrowd has helped our organization remediate potential security vulnerabilities with an estimated impact of $158 million, based on all triaged submissions."

"Bugcrowd has expanded our approach to vulnerability testing. Bugcrowd has provided us with a clearer understanding of the hackers’ mentality, by bringing all the key parties together in a common, collaborative way. That is a key benefit that we’ve seen working with Bugcrowd."

"Bugcrowd does a wonderful job weeding out the noise so we can get to the real issues."

“We like Bugcrowd’s approach. A structured format for reporting issues helps drive better quality bugs and filter out noise while the handling of bounty payments is a huge time savings for us. Having a third party help manage researchers will be very valuable.”

“The Jira integration was a huge value-add for us. We’ve built our communication channel inside the company is designed all around Jira. The fact that we could bolt on Bugcrowd’s solution to our Jira system and extend that in through our current communication channel made that portion of the transition that much easier.”