Bugcrowd today announced that Navitas has launched a private bug bounty program with Bugcrowd to identify and resolve security vulnerabilities.
Navitas delivers educational programs to 60,000 aspirational students each year across its network of 92 colleges and campuses in 24 countries around the world. Under the bug bounty program, dozens of Bugcrowd security researchers will test Navitas’ web applications for security risks on an ongoing basis.
Ethical hackers who identify and remediate any valid threats will receive a bug bounty financial reward of up to AUD $3,700 (USD $2,500), depending on the severity of the uncovered threat.
Gavin Ryan, Global Head of Information Security for Navitas, selected the Bugcrowd crowdsourced security solution based on its proven track record of being able to scale, reduce costs and risks through a continuous testing process, along with the extensive global reach of its researcher team.
“At Navitas we take the security of our data and applications extremely seriously and are always seeking innovative ways to protect the private information of our students and staff from continuous and fast-changing cyber threats,” said Gavin Ryan. “We are pleased to partner with Bugcrowd to take advantage of its extensive network of trained security researchers who can help us find and resolve online vulnerabilities before attacks occur. Only a month into the program, we are already realising the benefits of a bug bounty program and plan to extended it to include agile continuous security testing across selected non production environments”.
Bugcrowd’s ability to deliver a fast return on investment through crowdsourced bug bounties, rather than undertaking lengthy and costly consulting engagements, was one of the biggest contributing factors in its selection.
The solution’s continuous assurance model was also better positioned to safeguard Navitas’ global attack surface, which had made traditional penetration testing less tenable and less effective for ongoing application security assurance.
“Bugcrowd is excited to work with Navitas in assisting to protect both their data and applications with a comprehensive bug bounty strategy and a non production testing strategy,” said Nick McKenzie, Chief Information and Security Officer at Bugcrowd. “Our extensive global crowdsourced security team has the ability to scale for Navitas’s requirements, provide critical protections around the clock, and through the introduction of non-production testing regimes will help the Navitas business deliver at a higher digital velocity. We are happy that both control outcomes and the economics of the program’s delivery (vs other testing regimes) have exceeded expectations.”
“Bugcrowd” and the “Bugcrowd Security Knowledge Platform” are trademarks of Bugcrowd Inc. and its subsidiaries. All other trademarks, trade names, service marks and logos referenced herein belong to their respective companies.