Bugcrowd, the crowdsourced cybersecurity firm, has announced that Navitas, an education provider, has launched a private bug bounty program with Bugcrowd to identify and resolve security vulnerabilities.
Navitas delivers educational programs to 60,000 aspirational students each year across its network of 92 colleges and campuses in 24 countries worldwide. Under the bug bounty program, dozens of Bugcrowd security researchers will test Navitas' web applications for security risks on an ongoing basis.
Ethical hackers who identify and remediate any valid threats will receive a bug bounty financial reward of up to AU$3,700 (US$2,500), depending on the severity of the uncovered threat.
Gavin Ryan, Global Head of Information Security for Navitas, selected the Bugcrowd crowdsourced security solution based on its proven track record of being able to scale, and reduce costs and risks through a continuous testing process, along with the extensive global reach of its researcher team.
“At Navitas we take the security of our data and applications extremely seriously and are always seeking innovative ways to protect the private information of our students and staff from continuous and fast-changing cyber threats,” says Ryan.
“We are pleased to partner with Bugcrowd to take advantage of its extensive network of trained security researchers who can help us find and resolve online vulnerabilities before attacks occur. Only a month into the program, we are already realising the benefits of a bug bounty program. We plan to extend it to include agile continuous security testing across selected non production environments."
Bugcrowd's ability to deliver a fast return on investment through crowdsourced bug bounties rather than undertake lengthy and costly consulting engagements, was one of the most significant contributing factors in its selection.
Bugcrowd is a provider of crowdsourced cybersecurity solutions purpose-built to secure the digitally connected world. The Bugcrowd Security Knowledge Platform enables businesses to do everything proactively possible to protect their organisation, reputation and customers with products like bug bounty, penetration testing-as-a-service, and more. Bugcrowd uncovers and remediates vulnerabilities before they interrupt business by leveraging expert ingenuity and the knowledge of its security researchers.
The solution’s continuous assurance model was also better positioned to safeguard Navitas’ global attack surface, which had made traditional penetration testing less tenable and less effective for ongoing application security assurance.
“Bugcrowd is excited to work with Navitas in assisting to protect both their data and applications with a comprehensive bug bounty strategy and a non production testing strategy,” notes Nick McKenzie, Chief Information and Security Officer at Bugcrowd.
“Our extensive global crowdsourced security team has the ability to scale for Navitas’s requirements, provide critical protections around the clock, and through the introduction of non-production testing regimes will help the Navitas business deliver at a higher digital velocity. We are happy that both control outcomes and the economics of the program's delivery (vs other testing regimes) have exceeded expectations.”