“It’s a no brainer. You’re getting a much larger pool of people with different back grounds… whether they’re cloud or mobile or firmware and they’re looking at the product. You get a much better sense of the quality and security of the device rather than going to one or two people.” -Brian Knopf, Principal Security Advisor

Wink’s initial Bugcrowd Flex program includes two phases. The first phase is a two-week inviteonly effort consisting of 26 researchers focused on specific areas of specific Wink products. This is followed by a long-term phase where an extended set of researchers continue to submit vulnerabilities for the products available in the first phase, but also other products and features opened up to the program. This flexibility remains a key feature of the Bugcrowd solution as Wink is able to control the cost while adjusting the program based on how and when new technologies are released.

“The value of a single bug found in our initial program paid for the entire program—I would have paid ten times as much for that one vulnerability,” -Brian Knopf, Principal Security Advisor

Download the Case Study