Download Case Study

Schoology brings together the best K-12 learning management system with assessment management to improve student performance, foster collaboration, and personalize learning.

Security has been part of Schoology’s DNA from the beginning. However, like many others, Schoology realized the evolving nature of security threats and looked for innovative ways to address them.

Schoology turned to Bugcrowd to implement a crowdsourced security program, assisting in keeping the safety and security of its users intact.


  • As schools transition away from paper, textbooks, and projectors, there’s a growing opportunity for new tools and platforms geared toward educators.
  • The introduction of new technologies into the classroom also expands the attack surface.
  • Last year, the education sector accounted for 13 percent of all data breaches, resulting in the compromise of an estimated 32 million records.

Solution with Bugcrowd

  • Today, Schoology runs a private Bug Bounty Program and a Vulnerability Disclosure Program with Bugcrowd.
  • Thanks to Bugcrowd’s continued coaching and flexibility, Schoology has been able to constantly revamp its programs to get some of the most informative and productive reports.

Program Results

  • Schoology now aligns application testing efforts with its development cycle, giving the team the confidence the code released to millions of users achieves the highest industry standards in cybersecurity.
  • Bugcrowd’s program has also helped Schoology to recognize educational opportunities for the engineering team and ways to make processes around security more stringent and efficient.
  • Bugcrowd continues to provide agile support to accommodate Schoology’s changing needs in order for the company to continue to see ROI.
Security is the foundation on which users trust Schoology. We are committed to users privacy and it is important that we continue to be a platform that users trust. We partnered with Bugcrowd to make our security program stronger, harnessing the breadth and depth of skilled security testers matched with an incredibly powerful platform and team.
Alberto Silveira VP of Software Engineering

Program Facts

Use Case
Keeping Students' and Teachers' Data Safe
Program Type
Private Bug Bounty and VDP

Learn More About How Vulnerability Disclosure Programs Help You Find Vulnerabilities in Your Code Before the Bad Guys Do.