Private Bounty Program Leverages Bugcrowd’s Crowdsourced Research Team for More Robust Security Testing
Arkose Labs, the leading provider of advanced fraud prevention technology for the world’s most targeted enterprises, announced an exclusive private bug bounty program with Bugcrowd, the #1 crowdsourced security platform. The program will enable a continuous assurance of the stability and strength of the various product features that make up the Arkose Labs system.
With a private bounty program, Arkose Labs will gain access to Bugcrowd’s Elite Crowd, and is able to tailor its testing pool based on specific skill sets to help eliminate account takeover attacks, fake user registrations, and other types of fraud and application abuse. Arkose Labs will now have more direct communication with a smaller group of testers, and can harness the power of the crowdsourced model while retaining more control to test and introduce new challenges to market faster.
“As a security company in the fraud prevention space with an end-user facing product, we are lucrative targets for a wide range of attackers using innovative methods, such as Single Request Attacks,” said Anna Westelius, senior director of engineering at Arkose Labs. “Compromising our proprietary challenge response mechanism, Enforcement, requires a very specific skill set and partnering with Bugcrowd ensures we have a more informed path forward to stay ahead of attackers.”
Following the launch of the public bounty program in 2018, Arkose Labs saw significant value in crowdsourced cybersecurity, specifically in the development process. Utilizing crowdsourced testing as an additional validation step during development enables Arkose Labs to test features against “real world” attackers and gain insight into how attackers approach an attack on the company’s system. The new private program empowers Arkose Labs with the knowledge on what is still good enforcement technology for a more informed path forward.
Bugcrowd connects organizations with hundreds of highly skilled and diverse whitehat hackers, and a team of security experts helping triage vulnerability submissions as they come in to manage crowdsourced security programs. Bugcrowd’s Elite Crowd is comprised of the top researchers, measured in two key areas:
- Skill: A standard of high-impact submissions, averaging only high and critical submissions across a range of specific attack surface areas.
- Trust: Proven trust through ID verification and success working on private programs for top customers.
“Arkose Labs is unique in its approach to fighting online fraud and abuse, led by the sophisticated challenge mechanics it deploys through Enforcement,” said Ashish Gupta, CEO of Bugcrowd. “By partnering with us on a private bounty program, Arkose Labs is demonstrating its commitment to protecting the world’s largest enterprises from increasingly sophisticated attacks, and will continue to stay ahead with a more informed approach.”
The Arkose Labs system exclusively stops abuse before it occurs with zero impact to user conversion, and Arkose Labs is the only provider to offer a service-level agreement to back the efficacy and accuracy of proprietary defenses.