How Axis Communications uses crowdsourced security to uncover in-depth intelligence and strengthen their multi-layered security strategy.

Although cybersecurity has increasingly become a global IT priority, it has not fully made the leap into the world of device interoperability and data sharing over a network. With the risk of cyberattacks at a rise, having strong IoT cybersecurity programs in place has become vital to protecting critical infrastructure and developing prevention strategies that build and maintain client trust.

As an industry and market leader in video surveillance and IoT security solutions, Axis Communications is making its mark and spearheading the way for device cybersecurity by developing a multi-layered approach that focuses on enabling a smarter and safer world.

To find out more, we spoke with Andre Bastert, Product Manager at Axis Communications about how they’re prioritizing their security solutions and why they’re using Bugcrowd’s platform and solutions to create a comprehensive cybersecurity protection strategy for their customers.

Q: Tell me a bit about Axis Communications

A: Having been in business nearly 40 years, Axis Communications is an industry leader in video surveillance and IoT solutions. We enable a smarter and safer world by creating solutions that improve security and business performance. As a network technology company, we offer solutions in video surveillance, access control, intercom, and audio systems. Axis has around 4,000 employees that operate in over 50 countries and we collaborate with technology and system integration partners worldwide to deliver exceptional customer solutions.

Q: Why is cybersecurity important for your customers in the IoT and surveillance industry?

A: Axis has integrated cybersecurity considerations into our entire development lifecycle, where we have worked with external security researchers and ethical hackers to help make our products even more secure. Because of this, we saw more opportunity to scale our operations out to a crowd of ethical hackers. Engaging closely with skilled external security researchers who have IoT device knowledge provides an invaluable opportunity to  improve the continuous assessment of our physical security solutions. We decided to partner with Bugcrowd to deliver the bug bounty services that helped expand on our multi-layered cybersecurity strategy. With this approach, we can ensure that we are delivering secure products and solutions while continuing to build trust with our customers.

Q: Why did you choose Bugcrowd?

A: This was an important project for us, and we welcomed Bugcrowd’s ‘crawl, walk, run’ philosophy, as well as their CrowdMatch capabilities. From day one we have been matched with researchers who properly understand our devices and our challenges. This is why we chose the Bugcrowd Platform over competitors– Bugcrowd helps us engage superior hacker talent that aligns with our security goals. Overall, we have benefited from real flexibility, scalability, and from feeling looked after and fully supported. Our partnership with Bugcrowd is helping to create a smarter, safer, and more cybersecure world.

Q: What are the biggest outcomes you have seen?

A: We have been able to identify, confirm, patch, and disclose multiple vulnerabilities in AXIS OS, our Linux-based operating system that drives Axis’ products to search for vulnerabilities and bugs, all while maintaining comprehensive protection for our customers through an integrated program of activity using the Bugcrowd platform, including advanced penetration tests, vulnerability disclosure programs, and attack surface management.

About the customer

Andre Bastert is a Global Product Manager at Axis Communications. He is responsible for cybersecurity in the AXIS OS platform, the Linux-based operating system that powers Axis network products. Vulnerability and lifecycle management as well as driving the security-related functionality roadmap of the AXIS OS platform are his main tasks. Andre started his career at Axis in 2014 as a technical support engineer. Before taking on his current position he worked as a product specialist for AXIS OS platform.