Opportunity
Instructure, from its inception, has proactively published the results of its annual security survey to add full transparency to its security posture.
Initially the survey was based on traditional penetration testing results, but the team quickly realized this approach offered limited value and was not a comprehensive method to identifying critical vulnerabilities.
In 2014 Instructure turned to Bugcrowd to provide a more leading-edge and thorough crowdsourced based assessment.
Challenge:
Instructure’s traditional penetration testing approach offered limited value and was not a comprehensive method to identifying critical vulnerabilities.
Solution with Bugcrowd:
Working with Bugcrowd has moved Instructure beyond just the checkbox pen tests, to the results delivered by a cadre of human researchers with vast experience, knowledge and purpose.
New collaboration between Instructure’s vulnerability detection group and the remediation process engineering team has expedited faster vulnerability resolution.
Program Results:
Instructure has seen 5X growth in vulnerability findings over traditional security testing. The team is investing in additional Bugcrowd programs to expand the footprint of their security program. Read the full case study below to learn more about Instructure’s bug bounty program.

The cybersecurity landscape is an ever evolving one, so we knew we had to do something different, something innovative with this year’s audit, and that is what Bugcrowd offered us. We’ve continued with the Bugcrowd program because it consistently delivers quantifiable results and practical reports, tools that we then can use to internally remediate issues before they become customer problems. We now know what to tackle first.
Subscribe for updates
Read more customer case studies

Movember
Since 2003, Movember has raised awareness and funds for men’s health. In 2018 alone, the organization raised $87 million AUD....
Read MoreOkta
Efficiency and effectiveness of the crowd is really why we bring them on… Because we have the crowd involved in...
Read More
OWASP
Johanna is an OWASP volunteer for the technical setup of the OWASP bounty projects, helping to define clear bounty scopes...
Read MoreGet Started with Bugcrowd
Hackers aren’t waiting, so why should you? See how Bugcrowd can quickly improve your security posture.