This website use cookies which are necessary to its functioning and required to achieve the purposes illustrated in the privacy policy. To learn more or withdraw consent please click on Learn More. By continued use of this website you are consenting to our use of cookies.

Code.org Adds a Layer of Always-on Security Testing with Bugcrowd

Download Case Study

Code.org is a nonprofit dedicated to expanding access to computer science in schools and increasing participation by women and underrepresented minorities.

Like many other education platforms, Code.org maintains compliance with several international, US federal, and state laws for data security and privacy including GDPR, FERPA, COPPA, PPRA, SOPIPA, and HB 5469, amongst others. That’s why their Software Development Cycle includes an embedded security review process for every proposed platform change, automated testing to ensure that assertions about the security of the platform do not lapse or regress when new features are shipped, and as of last year, a continuous security testing program with Bugcrowd.

Challenge:

Code.org utilized other external security programs to supplement robust internal security solutions, but they were found to be costly and lacked sufficient return on investment.

Solution with Bugcrowd:

A private, fully managed Bug Bounty Program for an ‘always-on’ approach to protecting student and educator information

Program Results

Consistent program engagement for more quality vulnerabilities
Risk reduction, resource efficiency, and workflow integration that helps reduce friction between Security and Development lifecycles