Topic: Success Stories
In 2010, Barracuda Networks was one of the first organizations to launch a formal bug bounty program. Since then, Barracuda has paved the way for other organizations to launch programs in order to collaborate with the independent research community and improve their overall product security programs.
Last month we launched our 2017 CISO Investment Blueprint which analyzes survey responses from 100 security decision makers regarding the current state of application security. In addition to the survey results, we’ve chatted with several innovators in the security industry to get their thoughts on appsec today and the future.
In the past several weeks we’ve been publishing these interviews, filled with insights around the challenges and opportunities present for security decision-makers in 2017. We welcome your feedback and observations as well! Tweet us or shoot us an email to share your thoughts.
This week’s interview is with Dave Farrow, Barracuda’s Senior Director, Information Security, who has been instrumental in working with the security researcher community through their bug bounty program.
We also sat down with Dave last week at RSAC to hear about his conference session and his plans for appsec. Watch the video here.
After two and a half years of running an outstanding bug bounty program with Bugcrowd, we’d like to shine a spotlight on one of our most engaged customers–Twilio.
Posted originally on by Stuart Hirst on Skyskanner’s Code Voyager Blog
Skyscanner has a culture of innovation and continuous improvement. For our IT security function, the ‘Security Squad’, it is no different. External security testing had previously taken the form of standard penetration testing, which brought considerable value and helped improve security posture. However, our Squad wanted to look at new ways of testing the products that we help secure on a daily basis. In early 2015, we began to investigate the possibility of a crowd-sourced testing mechanism.