Products
- Vulnerability Disclosure Program
- Bug Bounty Program
Industry
Security
-
Value-Add
For the Barracuda security team, working closer with the security research community was a great way for them to improve their overall security posture while exhibiting thought leadership.
-
Outcomes
The managed bug bounty program has freed up Barracuda’s security team to spend more time working closely with their product teams–to educate
and to help remediate bugs faster and more seamlessly
In 2010, Barracuda was one of the first organizations to launch their own bug bounty model. At the time, bug bounties were just gaining traction, and Barracuda has been
integral in forging the path ahead for the crowdsourced security model.
For the Barracuda security team, working closer with the security research community was a great way for them to improve their overall security posture while exhibiting thought leadership.
The Value of A Managed Bug Bounty Program
As activity and interest from the security researcher community picked up at the height of their program, Barracuda recognized the need for a ‘gatekeeper’ to triage incoming reports and correspond with researchers.
The managed program has freed up Barracuda’s security team to spend more time working closely with their product teams–to educate and to help remediate bugs faster and more seamlessly. Bugcrowd’s hands-on expert management coupled with a powerful vulnerability disclosure platform, Crowdcontrol, eased all the challenges they faced running their own program…
We want to apply our resources in the places that make the most impact to our organization. That’s not on the front line, talking to researchers. The way that Bugcrowd has developed their platform and still allowed us access to researchers has created a clean, low friction interface between our teams and freed us to focus on issues that will make an impact on our security posture.
Working with Crowdcontrol to Integrate with Existing Workflows
Bugcrowd’s vulnerability disclosure and tracking platform, Crowdcontrol, offered Barracuda a seamless solution to receiving submissions,
integrating with existing workflows and paying researchers.
As a large organization with dozens of product lines and multiple vulnerability collection streams–internal and external–Barracuda made it essential to integrate their bug bounty program into their security program as a whole.
Crowdcontrol’s integration with issue tracking system, Jira, ensures that bugs validated by Bugcrowd’s team, make it into the right hands in real time.
Bug Bounty Learnings
In its history, the Barracuda bug bounty program has seen immense success and received consistent engagement.
This consistent engagement is due in large part because of their positive relationship with the researcher community, strengthened by
the Bugcrowd team. They have also expanded the scope of their program, which now includes Barracuda cloud services. Their continued
commitment to the research community is a great example to other companies, especially security companies.
Subscribe for updates
Read more customer case studies
InVision
InVision, the award-winning product design collaboration platform, prioritizes product security with a robust approach to vulnerability management. To stay ahead...
Read More
Instructure
Instructure, from its inception, has proactively published the results of its annual security survey to add full transparency to its...
Read More
Kenna Security
Kenna Security is a leader in vulnerability management, serving many Fortune 100 companies and nearly every major vertical. Being a...
Read MoreGet Started with Bugcrowd
Hackers aren’t waiting, so why should you? See how Bugcrowd can quickly improve your security posture.