Instructure is the company behind Canvas, an innovative learning management system, and a strong proponent of application security. They have a commitment to transparency as well, and have been conducting annual open security audits since 2011, releasing the results of their pen tests publicly. In 2014, they did something different – they ran a Bugcrowd Flex program. The findings they publicly disclosed showed that they had received 8x the bugs with Bugcrowd’s crowdsourced penetration tests.
Wade Billings, the Head of Security at Instructure and Jonathan Cran, the VP of Operations at Bugcrowd, hosted a conversation around current pen test audit practices and how to improve upon results by considering a new forms of security technology, such as crowdsourced pen tests.
Learn about how Instructure replaced their annual pen test with a Bugcrowd, and the 59 valid findings that Bugcrowd researchers uncovered. Read the Instructure Case Study.