Customer AMA webinar recap: Schibsted

Bugcrowd's conversation with Schibsted, a Nordic media company, highlighted the benefits and experiences of launching a bug bounty program with Bugcrowd. Schibsted's Application Security Engineer, Gabriel Berrios, discussed the decision to adopt a bug bounty program to enhance their security posture by leveraging the expertise of security researchers who can identify deeper vulnerabilities beyond what their current tools detect. The program is structured with varying scopes and rewards based on the severity of identified vulnerabilities, emphasizing the importance of building strong relationships with researchers through good communication, bonuses, and appreciation for their efforts. Schibsted shared impactful findings from their program, including valuable DNS insights that led to significant domain cleanups. They choose Bugcrowd over other providers to access a broader pool of researchers, benefiting from new types of submissions and effective management by Bugcrowd's triage team, who excel at filtering and assessing the severity of findings.