As the world's leading product design platform with over two million users, InVision has developed a best-in-class security strategy since day one.
Today we're thrilled to announce that they're taking the next step toward bolstering their product security with the launch of their public bug bounty program.
Utilizing the diversity and volume of the crowd gives InVision's security team a leg up in an environment in which building and maintaining secure products is becoming more complex and difficult. Along with their robust internal security efforts and high caliber of external security assessments, their bug bounty program gives them an added layer of testing.
"We prioritize our customer’s security at InVision, and have a larger security team than most companies our size, yet even with our strong internal resources, we know that today’s threat environment necessitates being ahead of the curve. With Bugcrowd’s broad and diverse crowd of researchers, we benefit by leveraging a huge ‘virtual team’ that’s always bringing fresh perspectives, innovative expertise and a different mindset to shore up our overall security.”
Johnathan Hunt, Vice President of Information Security for InVision.
We are excited to welcome InVision to the Bugcrowd platform, joining hundreds of organizations who are pioneering the adoption of bug bounty programs. Read more about InVision's commitment to security on their blog.
About their program:
- View full brief details here.
- Target: projects.invisionapp.com
- Built with: ColdFusion, Java
- Rewards: Up to $1500 per vulnerability
- Disclosure Policy: Requires explicit permission to publicly disclose