Find out how Kenna Security garners more value from Bugcrowd than with other firms and tools

Download Case Study

Opportunity

Kenna Security is a leader in vulnerability management, serving many Fortune 100 companies and nearly every major vertical. Being a top vulnerability management platform, the security of its own platform is top of mind to protect threat intelligence and customer’s data. Kenna Security employs a slew of cybersecurity tools and services to ensure protection, including a bug bounty program. Kenna Security turned to Bugcrowd to manage the bug bounty program all the way through remediation.

Challenge:

  • For a number of years, Kenna ran its own bug bounty program. While very successful, their security team was finding it difficult to manage the sheer number and varying quality of incoming reports.
  • Kenna did not have the breadth, nor the reach needed to get the number or quality of testers they needed for a successful program.

Solution with Bugcrowd:

  • The company launched its first managed bug bounty program with Bugcrowd in early 2014.
  • Kenna Security integrates Bugcrowd into its overall software development lifecycle, from beginning to end.
  • Kenna Security’s bug bounty program adheres to the VRT.

Program Results

  • When Kenna moved its bug bounty program over to Bugcrowd, they saw an immediate improvement in submission “noise,” which ultimately optimized internal team resources and security spend.
  • Over the course of its latest program, they have been able to maintain strong engagement across targets.
  • Based on a Kenna Security’s security maturity and business priorities, Bugcrowd has helped Kenna’s security team map out a bounty reward range best aligned to the business needs.
The biggest benefit we see from Bugcrowd is the team’s ability to help in managing the bug bounty program so that once reports get to our security team, the are already deduped, validated and triaged. All our security team has to do is fix the bug. Bugcrowd has the best managed services.
Ed Bellis Co-founder, CTO, Kenna Security

Program Facts

Industry
Cybersecurity
Use Case
Better bug bounty program management
Program Type
Public Bug Bounty

Empower Your Security Team With a Crowd of White Hat Hackers to Find and Fix Vulnerabilities in Your Code Before the Bad Guys Do.