Products
Bug Bounty Program
Industry
Technology
-
Challenge
Hummingbird needs to ensure the sensitive and highly regulated data within its compliance platform is protected against security threats
-
Outcomes
- Leveraged security best practices
- Reduced incidents by finding and remediating bugs faster
- Built customer confidence
Fighting financial crime
Hummingbird helps organizations fight financial crime with its compliance investigation and reporting platform. Its innovative solution streamlines case work and management processes associated with anti-money laundering, anti-fraud, disputes, and testing. By reducing paperwork, simplifying collaboration, and automating data analysis, the solution frees up compliance professionals and law enforcement agents to spend more time investigating. Modern criminals are sophisticated, tech-savvy, and agile, says Jesse Reiss, Co-Founder and CTO at Hummingbird. We believe the tools used to fight financial crimes should be too.
As it works with some of the world’s leading financial institutes, security is top priority for Hummingbird. Its platform hosts sensitive and highly regulated client data that must be protected against malicious attacks. Although it has an extremely experienced team for a relatively small company, Hummingbird’s security leaders felt that conventional methods were not enough. The traditional approach to security with periodic testing is insufficient to meet the threats associated with dynamic software chains, rapidly evolving cloud hosting environments, and aggressive opponents, explains Reiss.
A Faster Response to New Threats
To ensure its compliance platform was secure from the outset, Hummingbird started working with Bugcrowd before it had launched its first product or had any active customers. The engagement began with penetration testing before the company’s solutions went live in 2018 and has continued with an ongoing bug bounty program. We looked at several programs, but Bugcrowd offered the best services for validating submissions while avoiding spurious effort, reveals Reiss.
The Bugcrowd team helped Hummingbird create a brief and establish a staging environment ready for researchers in just a couple of weeks and has benefitted from an efficient and effective bug bounty program to safeguard security ever since. By combining agile methodologies, statistical models to detect anomalies, and our bug bounty program, we can be adaptive and respond rapidly to new threats, comments Reiss.

By working with Bugcrowd, we’ve introduced a failsafe layer that reduces the likelihood of a single failure becoming an incident, which improves our security credentials and boosts customer confidence.
Building Customer Trust
With a team of expert researchers continuously investigating its compliance platform, Hummingbird can ensure security issues are identified and resolved before they’re exploited. The Bugcrowd team has also helped the company implement security best practices.
Our customers trust us to secure their financial compliance data, and we take that responsibility very seriously, comments Reiss. By working with Bugcrowd, we’ve introduced a failsafe layer that reduces the likelihood of a single failure becoming an incident, which improves our security credentials and boosts customer confidence.
Hummingbird plans to continue to collaborate with Bugcrowd and its team of researchers as the company develops and launches new innovative products for its customers.
If you are interested in learning more about Hummingbird, go to www.hummingbird.co
Subscribe for updates
Read more customer case studies
(ISC)²
(ISC)² has run a public bounty offering Kudos points and potential CPE credits for nearly two years.
Read MoreActiveCampaign
ActiveCampaign is a SaaS marketing technology platform that helps businesses meaningfully connect with customers using solutions designed to support the...
Read MoreAruba Networks
After evaluating their current testing capabilities and organizational goals, Aruba decided to harness the collective power of human intelligence through...
Read MoreGet Started with Bugcrowd
Hackers aren’t waiting, so why should you? See how Bugcrowd can quickly improve your security posture.