Learn how TaxSlayer keeps taxpayers data safe and secure with Bugcrowd.

Security at TaxSlayer

Based out of Augusta, Georgia, TaxSlayer, a leading tax preparation and financial technology company, offers the ability for millions of Americans to electronically file their taxes. The company successfully completed more than 10 million state and federal e-filed tax returns in 2018 and processed $12 billion in refunds. TaxSlayer is highest rated for ease of use, speed of filing, best value and most trusted according to the 2017-18 American Online Tax Satisfaction Survey. Customers rate TaxSlayer’s TrustScore is an 8.5 out of 10 on Trustpilot. Given the nature of their business, having security built into its software is paramount.

Ease of Use & Cost Effectiveness

While TaxSlayer wanted to employ the expertise of independent, unbiased researchers outside of the organization for breath and depth of testing, they also wanted the flexibility to tailor their testing pool based on specific skill sets.

Private bug bounty programs allow organizations to harness the power of the Elite Crowd – diversity of skill and perspective at scale – in a more controlled environment. At Bugcrowd, only those researchers who have a proven track record, those who have proven their skill and trustworthiness receive invitations to private programs. Private programs can be scoped or built around a customer’s testing needs and parameters. A private program can also meet requirements around background checking, ID verification or even location.

Bugcrowd provides TaxSlayer with access to Elite whitehat hackers around the world who test the front- and back-end functionality of TaxSlayer’s professional and individual tax preparation products. With help from Bugcrowd, TaxSlayer offers a secure and reliable product for the millions of Americans that use its service.

For TaxSlayer, implementing a bug bounty program with Bugcrowd was a no brainer, freeing up internal resources and demonstrating a return on investment immediately.

The Program Paid for Itself

Prior to running a bug bounty program with Bugcrowd, TaxSlayer lacked visibility. While they were using a variety of application security testing solutions, they worried vulnerabilities were falling through the cracks. Implementing a bug bounty program with Bugcrowd provided the visibility TaxSlayer needed to quickly find critical vulnerabilities.

More Secure Coding

TaxSlayer not only uses the vulnerability information to remediate vulnerabilities, the company has used it as a training tool for the security and development teams. Bugcrowd hackers provide a lot of detail about how to replicate the bugs and the remediation steps and resources include details on how to avoid the vulnerability in the future. TaxSlayer uses this information to train their internal teams.

The Bugcrowd Advantage

Bugcrowd simplifies and streamlines vulnerability disclosure and remediation. With the largest, most experienced team for managed crowdsourced security programs Bugcrowd has 4x more experience managing bug bounty programs than the competitor.

• An all-in-one platform for simplified vulnerability reporting and solution management.
• Comprehensive onboarding for each program: Program briefs, with scope, rewards and rules/regulations drive great accurate,
  actionable submissions with less noise.
• Expert triaging: Eliminates clean-up work for the internal security for faster risk reduction.