51 Bugcrowd Testimonials

“We have used other security programs in the past to supplement our internal security audits but these were costly and happened one to two times per year at best. With Bugcrowd, we’ve added an always-on approach to security.”

“We think of the bug bounty program as ‘part of this complete breakfast’. You have all these internal activities, and the Bugcrowd program for us is a nice supplement to those things–it catches bugs that our internal testing didn’t catch. It also gives us information in what it doesn’t report.”

“Security is the foundation on which users trust Schoology. We are committed to users privacy and it is important that we continue to be a platform that users trust. We partnered with Bugcrowd to make our security program stronger, harnessing the breadth and depth of skilled security testers matched with an incredibly powerful platform and team.”

“If a company says it’s running a bug bounty program, then every security researcher and hacker already knows that the company has already done a lot of security work and has an entire security environment in place. A bug bounty program is one of the last measures in the chain, and it’s an indicator of how well a company manages its security.”

"Their testers dig deep in their testing. Not only will they take a URL and test it for many days, but they have also found what other systems have not identified. No system can be proven to have zero vulnerabilities, so continuous testing at this level of depth is great."

"The number of Bugcrowd findings is a true measure of our maturity as a company. I want to get to a point in the not too distant future where I am showing a graph at every board meeting that shows a meager number of Bugcrowd findings and not for lack of attention but due to our focus on enhancing our application security."

"Bugcrowd is a great partner for us—the researchers are like an extension of our own security team. Working together we can reduce duplication, coordinate responses, and continuously improve the quality and quantity of submissions. A crowd-sourced approach to security helps us to innovate faster and safeguard customer trust and our reputation."

"Magecart attacks, personal data exfiltration, and account takeovers are a concern in the travel industry, so we’re particularly interested in vulnerability reports relating to those areas to keep our customers safe."

“We like Bugcrowd’s approach. A structured format for reporting issues helps drive better quality bugs and filter out noise while the handling of bounty payments is a huge time savings for us. Having a third party help manage researchers will be very valuable.”

“The Jira integration was a huge value-add for us. We’ve built our communication channel inside the company is designed all around Jira. The fact that we could bolt on Bugcrowd’s solution to our Jira system and extend that in through our current communication channel made that portion of the transition that much easier.”

“In the tax preparation software industry, we deal with highly sensitive data for a large number of individuals. You can pretty much learn anything you want to know about an individual from their tax return. And because of that, we need to make sure the data stays completely secure, which starts with making sure the applications we’re developing are secure as well.”

“We’re dealing with customers who trust us with the security of their applications, assets, and user data. We need to demonstrate how we’re protecting their data, so for us, being a step ahead of that is very important. That’s why a service like Bugcrowd is perfect for us.”

"Bugcrowd allows us to focus on our core business, knowing that our systems are in safe hands."

"Bugcrowd has expanded our approach to vulnerability testing. Bugcrowd has provided us with a clearer understanding of the hackers’ mentality, by bringing all the key parties together in a common, collaborative way. That is a key benefit that we’ve seen working with Bugcrowd."

"By working with Bugcrowd, we’ve been able to continuously improve our security metrics and maturity, ensuring we maintain customer trust in the Directly platform, which is vital for our reputation and continued growth."