For the Barracuda security team, working more closely with the security research community was a great way to improve their overall security posture while exhibiting thought leadership.
In 2010, Barracuda was one of the first organizations to launch their own bug bounty model. At the time, bug bounties were just gaining traction, and Barracuda has been integral in forging the path ahead for the crowdsourced security model.
As activity and interest from the security researcher community picked up at the height of their program, Barracuda recognized the need for a ‘gatekeeper’ to triage incoming reports and correspond with researchers.
The managed program has freed up Barracuda’s security team to spend more time working closely with their product teams, to educate and to help remediate bugs faster and more seamlessly. Bugcrowd’s hands-on expert management, coupled with a powerful vulnerability disclosure platform, Crowdcontrol, eased all the challenges they faced running their own program…
We want to apply our resources in the places that make the most impact to our organization. That’s not on the front line, talking to researchers. The way that Bugcrowd has developed their platform and still allowed us access to researchers has created a clean, low friction interface between our teams and freed us to focus on issues that will make an impact on our security posture.
Dave Farrow, Senior Director, Information Security
Bugcrowd’s vulnerability disclosure and tracking platform, Crowdcontrol, offered Barracuda a seamless solution to receiving submissions, integrating with existing workflows and paying researchers.
As a large organization with dozens of product lines and multiple vulnerability collection streams (internal and external), Barracuda found it essential to integrate their bug bounty program into their security program as a whole.
Crowdcontrol’s integration with the issue tracking system Jira ensures that bugs validated by Bugcrowd’s team make it into the right hands in real time.
In its history, the Barracuda bug bounty program has seen immense success and received consistent engagement.
This consistent engagement is due in large part to their positive relationship with the researcher community, strengthened by the Bugcrowd team. They have also expanded the scope of their program, which now includes Barracuda cloud services. Their continued commitment to the research community is a great example to other companies, especially security companies.