It’s an exciting time to be in information security. Black hats are attacking more web sites, constructing more 0-day threats and phishing more credentials and payment data. The proliferation of smart IoT devices and new technologies create opportunities for malicious activities. Nation State actors and the vulnerabilities they exploit are gaining visibility.
What strikes me, though, is how the security community has risen to these challenges. The demand for security professionals is higher than ever, but so is the supply — new generations of security researchers, responders and leaders are coming from all corners of the globe. These are people who have a passion for making the world a safer place through technology and education. And just as business can benefit from consolidation of security vendors, we also gain by consolidating the shared experience, knowledge and creativity of this new global resource.
That’s why I am very happy to announce that Centrify has opened a public bug bounty program today with the help of Bugcrowd and their crowdsourced team of 50k+ security researchers.
Bugcrowd has a strong track record of helping companies engage the global security community with successful bug bounty programs. Along with our regular code audits, vulnerability testing, and third party security assessments, Centrify has engaged with Bugcrowd for the past two years to manage private bounty programs. Bugcrowd’s structure, program management and researcher engagement methodology consistently produces value, and proves to be a strong addition to our security program.
If you are interested in helping other organizations worldwide become more secure, I encourage you to sign up as a security researcher with Bugcrowd, and help us all meet the security challenges that we face today and the ones that lie ahead.
Learn more about the state of security and how to stop a breach here.
This originally appeared on Centrify's blog on June 7, 2017.