This website use cookies which are necessary to its functioning and required to achieve the purposes illustrated in the privacy policy. To learn more or withdraw consent please click on Learn More. By continued use of this website you are consenting to our use of cookies.

Crawl, Walk, Run: How Twilio Has Successfuly Harnessed the Power of the Crowd for Years

Download Case Study

Twilio, the cloud communications company out of San Francisco, CA, is an early adopter and innovator in the cybersecurity domain. Although they have consistently prioritized Product Security, they wanted to concentrate their efforts on the areas of greatest risk. To help augment their internal and external testing efforts, they turned to the crowd to start uncovering more vulnerabilities and learn from those findings.

Solution with Bugcrowd:

Twilio started with a private bug bounty program and moved to a public bug bounty program.

Program Results

Crowdsourced testing has improved upon their existing Product Security initiatives, finding additional unknown and high-value vulnerabilities and an incredible return on investment.
The additional layer of triage and validation provided by Bugcrowd has allowed them to increase their vulnerability finding capabilities while freeing up resources and allowing their security team to focus on other areas of the business.

By adding the power of the talented researcher community to our Product Security program, we’ve learned a lot about how people outside the company think about our products, additional scenarios where products can be at risk and what else we could do to protect our products. We’ve used this information to put a sharper focus on the areas of greatest risk, which has been invaluable to us as we scale.

Coleen Coolidge Senior Director, Information Security