Catawiki’s Bid for Offensive Security Pays Off with Bugcrowd
Online marketplace finds 3x more vulnerabilities and streamlines security management after switch to Bugcrowd’s AI-powered crowdsourced security platform
October 22, 2024 — Bugcrowd, the leader in crowdsourced cybersecurity, has delivered a 3x improvement in vulnerability discovery for Catawiki, Europe’s leading online marketplace for special objects, since the Netherlands-based company moved to the Bugcrowd platform this summer.
Catawiki chose Bugcrowd after its previous bug bounty and pen testing programs failed to deliver the results the security team needed, with no pen test vulnerabilities found in 2022.
The online marketplace initially engaged the Bugcrowd pen testing solution, which uncovered four P2 vulnerabilities. Some of these discoveries affected the Catawiki API, a high-priority surface, which helped shape Catawiki’s security roadmap
By choosing Bugcrowd, Catawiki was no longer forced to juggle multiple engagements with different pen test and bug bounty providers, and it no longer needed to port results from one provider to another. It was also able to eliminate the numerous onboarding and monitoring meetings that were part of its prior security efforts.
Catawiki subsequently transitioned to a managed bug bounty program with Bugcrowd, which caught three times more vulnerabilities in the first two months than the industry standard. The ability to manage both programs through the Bugcrowd platform has streamlined management and improved Catawiki’s security posture.
Aristide Bouix, Head of Product Security, Catawiki, said: “Combining pen testing and bug bounty through Bugcrowd helps our team meet immediate security requirements while proactively reducing risk. It gives us the scale and agility to stay ahead of today’s biggest threats and tomorrow’s unknown challenges.”
Paul Ciesielski, Chief Revenue Officer at Bugcrowd said: “In embracing pen testing and bug bounty Catawiki was doing all the right things, but was not getting the results it expected. The Bugcrowd platform connected Catawiki’s security team with Bugcrowd’s hacker community, simplified programme coordination, and improved communications. Most importantly, the switch to Bugcrowd identified vulnerabilities Catawiki didn’t know it had, enabling it to secure its auctions and online sales.”
Find out more about how Catawiki is maximising security ROI with Bugcrowd in this case study.
About Bugcrowd
We are Bugcrowd. Since 2012, we’ve been empowering organizations to take back control and stay ahead of threat actors by uniting the collective ingenuity and expertise of our customers and trusted alliance of elite hackers, with our patented data and AI-powered Security Knowledge Platform™. Our network of hackers brings diverse expertise to uncover hidden weaknesses, adapting swiftly to evolving threats, even against zero-day exploits. With unmatched scalability and adaptability, our data and AI-driven CrowdMatch™ technology in our platform finds the perfect talent for your unique fight. We are creating a new era of modern crowdsourced security that outpaces threat actors.
Unleash the ingenuity of the hacker community with Bugcrowd, visit www.bugcrowd.com. Read our blog.
“Bugcrowd”, “CrowdMatch”, and “Security Knowledge Platform” are trademarks of Bugcrowd Inc. and its subsidiaries. All other trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.
About Catawiki
Catawiki is the leading online marketplace for special objects that fulfil people’s passions. Over 75,000 objects are offered in auction every week – each reviewed and selected by one of Catawiki’s hundreds of in-house experts specialised in Art, Design, Jewellery, Fashion, Classic Cars, Collectables and much more. Catawiki is headquartered in Amsterdam with over 750 employees across the world. Fulfil your passion on catawiki.com or download the app.
Contact
Krison Thakkar
KThakkar@ZonicGroup.com
press@bugcrowd.com