Operationally Necessary Cookies
For the Barracuda security team, working closer with the security research community was a great way for them to improve their overall security posture while exhibiting thought leadership.
On November 9, 2010, Barracuda became the one of the first companies to run a bug bounty. The program initially received just a handful of reports every quarter.
In 2012, Barracuda’s bug bounty program reached the point where responding to researchers, distributing awards worldwide, and working with product teams to remediate reports became a full time position.
Today, Barracuda has a team of analysts working full time on the program. Barracuda turned to Bugcrowd to filter out invalid submissions and manage award payments, thus freeing up internal resources to focus on addressing reports from the community.
“We like Bugcrowd’s approach. A structured format for reporting issues helps drive better quality bugs and filter out noise while the handling of bounty payments is a huge time savings for us. Having a third party help manage researchers will be very valuable.” – Dave Farrow, Director of Engineering at Barracuda Networks
Barracuda is using Crowdcontrol’s bi-directional JIRA integration, which automatically creates JIRA tickets for newly discovered issues based on specific triggers. Tickets are automatically updated as new information regarding a submission is added.
The process helps ensure the most accurate and up-to-date information is available to both Barracuda and the researchers regarding their testing and triage of new submissions.
Download the case study below to learn more about how Barracuda transitioned it’s bug bounty program.
We want to apply our resources in the places that make the most impact to our organization. That’s not on the front line, talking to researchers. The way that Bugcrowd has developed their platform and still allowed us access to researchers has created a clean, low friction interface between our teams and freed us to focus on issues that will make an impact on our security posture.
Empower Your Security Team With a Crowd of White Hat Hackers to Find and Fix Vulnerabilities in Your Code Before the Bad Guys Do.
From Our BlogJuly 22, 2021Points don’t matter; Your skills doJuly 21, 2021The Shocking Truth You May Not Know About Being A Full-Time Bug HunterJuly 20, 2021ZwinK’s Tips and Tricks to Crush Bug Bounty #9 & #10MORE BLOG POSTSNewsJuly 20, 2021Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability DetectionJune 30, 2021Bugcrowd Welcomes New VP Of Customer Experience, Bolstering Company Mission to Provide Exceptional Service Throughout the Customer JourneyJune 8, 2021CISA Selects Bugcrowd and EnDyna to Run Its Vulnerability Disclosure Policy PlatformMORE NEWSEventsTips and Tricks to Penetration Testing: A Layered Security ApproachPen testing is widely known as a key security best practice. In fact, earlier this…Connect With UsVirtual Cyber Security Summit – DC Metro 2021The Eighth Annual DC Metro Cyber Security Summit goes virtual as it connects C-Suite &…Connect With UsVirtual Cyber Security Summit – Silicon Valley 2021The Fourth Annual Silicon Valley Cyber Security Summit goes virtual as it connects C-Suite &…Connect With UsMORE EVENTS
MORE BLOG POSTS
Pen testing is widely known as a key security best practice. In fact, earlier this…
The Eighth Annual DC Metro Cyber Security Summit goes virtual as it connects C-Suite &…
The Fourth Annual Silicon Valley Cyber Security Summit goes virtual as it connects C-Suite &…
Stay current with the latest security trends from Bugcrowd