Pinterest turns to Aussie startup Bugcrowd for protection as cybersecurity fears grow
Wednesday, May 28, 2014/
Bugcrowd is a marketplace for security testing websites where companies offer bounties to its network of security researchers for capturing vulnerabilities in their code.
The startup’s CTO, Chris Raethke, says they’re thrilled to have Pinterest on board.
“It’s amazing, it’s nice to see companies that are consumer focused joining us, the security among tech companies are often reserved to people who are in the developer kind of space,’’ he says.
“People are getting to the point now where they reach a certain stage where they’d like to do more security wise, but not a lot of companies are in a position like Facebook to go it alone.”
In a statement introducing its bug bounty program, Pinterest security engineer Paul Moreno says the company hopes tapping into Bugcrowd’s network of over 9000 security researchers will allow it to learn more from the security community and respond faster to white hats.
“We anticipate a much more efficient disclosure process as a result, and an even stronger and bug-free environment for Pinners,’’ he says.
The general public might be more aware of the importance of software security than ever before after the Heartbleed bug and it’s well documented consequences earlier this year.
Raethke says while the majority of consumers still don’t understand the full impact of something like Heartbleed, they are more aware of the need for security and as a consequence companies are too.
“Big companies are really trying, and that’s what happens when there is such an awareness around security, people are stepping up their game,’’ he says.
“But it does take time to get up to that next level.”
Bugcrowd raised $1.6 million in seed funding last year and its pool of researchers has steadily grown since beginning in 2012.
The company is now based in San Francisco but Raethke says it will always have a presence in Australia both because of patriotism and the need to service the market in this region of the world.
“We have some amazingly talented developers and security people in Australia,’’ he says.
“It won’t ever be that we never have a presence here, but we’re focusing on the US moment.”