Bugcrowd Security Solutions Help Softdocs Reduce Risk Across The Etrieve Platform

Download Case Study

Softdocs develops enterprise content management (ECM), e-forms and process automation solutions exclusively for the higher education and K-12 markets.

The information held by Education ECM platforms can be highly personal, and therefore vulnerable to abuse or misuse. The cost of compromise for this data is grave — valued at more than $300 per affected record. While reputational damage can be costly, it pales in comparison to the personal and financial devastation for affected students. Softdocs takes this risk seriously, and has enlisted Bugcrowd to help protect students, and educators around the world.

Challenge:

  • Softdocs wanted diversified testing approaches, but still needed to meet several compliance initiatives. Internal alignment was also key, as crowdsourced testing was a new approach for many teams within the organization.

Solution with Bugcrowd:

  • Bugcrowd’s fully managed Next Gen Pen Test and Bug Bounty programs ensure that Softdocs retains ultimate control over researcher selection and engagement workflows, while still benefiting from the diversified testing they had been missing from previous testing initiatives.

Program Results

  • Pay for results: A cost model built on results rather than effort provides more value for money.
  • Competitively motivated: Rewarding unique discoveries delivers more high value results, faster.
  • Bandwidth back: An elastic team of testers enables Softdocs to refocus internal resources on remediation efforts.
  • Risk reduction: Negative testing (testing that surfaces no new flaws) provides validation of a secure foundation, enhancing overall security posture.
  • Education: Surfacing those patterns that are exceptions to, rather than flaws in code provide a chance to learn and grow from things not typically targeted.

 

Since we pay for results rather than effort, we can scale out to many researchers, and the cost is inversely proportional to how secure we are.
William Scalf Security Architect at Softdocs

Program Facts

Industry
Enterprise Content Management for Higher Education
Use Case
Ensuring the security of students and educators everywhere
Program Type
Next Gen Pen Test, Managed Bug Bounty

Empower your security team with a Crowd of white hat hackers to find vulnerabilities in your code before the bad guys do.