Since 2003, Movember has raised awareness and funds for men’s health. With more than 5 million Mo Bros and Mo Sistas around the world participating in this cause, the security of the foundation’s platform is incredibly important. Like many organizations,…
This blog is authored by customer, Teza Mukkavilli, head of information security at Upwork, and first appeared on the Upwork Blog. Upwork places an extremely high priority on data security. As Upwork’s head of information security, I am constantly thinking about how…
This customer blog originally appeared on Fitbit's engineering blog, written by Katie Foster, security engineer at Fitbit. Fitbit has always been committed to protecting consumer privacy and keeping data safe. Our internal security team is constantly testing our products for…
In 2010, Barracuda Networks was one of the first organizations to launch a formal bug bounty program. Since then, Barracuda has paved the way for other organizations to launch programs in order to collaborate with the independent research community and improve their overall product security programs.
Bugcrowd bug bounty programs launched by security vendors have tripled over the past two years and represent the fifth largest industry on the Bugcrowd platform.
Last month we launched our 2017 CISO Investment Blueprint which analyzes survey responses from 100 security decision makers regarding the current state of application security. In addition to the survey results, we’ve chatted with several innovators in the security industry to get their thoughts on appsec today and the future.
In the past several weeks we’ve been publishing these interviews, filled with insights around the challenges and opportunities present for security decision-makers in 2017. We welcome your feedback and observations as well! Tweet us or shoot us an email to share your thoughts.
This week’s interview is with Dave Farrow, Barracuda’s Senior Director, Information Security, who has been instrumental in working with the security researcher community through their bug bounty program.
We also sat down with Dave last week at RSAC to hear about his conference session and his plans for appsec. Watch the video here.
After two and a half years of running an outstanding bug bounty program with Bugcrowd, we’d like to shine a spotlight on one of our most engaged customers–Twilio.
A few months ago we celebrated the launch of Okta’s public bug bounty program after having run a private program for years. Today, we’re taking a closer look at how their bug bounty program has influenced their application security program.
Posted originally on by Stuart Hirst on Skyskanner’s Code Voyager Blog
Skyscanner has a culture of innovation and continuous improvement. For our IT security function, the ‘Security Squad’, it is no different. External security testing had previously taken the form of standard penetration testing, which brought considerable value and helped improve security posture. However, our Squad wanted to look at new ways of testing the products that we help secure on a daily basis. In early 2015, we began to investigate the possibility of a crowd-sourced testing mechanism.
