Rapyd Enhances Security with Bugcrowd Solutions

This case study details how Rapyd, a FinTech company, improved its security posture by implementing Penetration Testing as a Service (PTaaS) and a public Bug Bounty program through Bugcrowd. Initially, Rapyd utilized various crowdsourced security methods, including HackerOne Bug Bounty, but sought to enhance continuous security testing as their organization expanded. The need for specialized knowledge in API security assessments during mergers and acquisitions prompted this shift. After partnering with Bugcrowd, Rapyd successfully launched a public program within six months, discovering 15 critical vulnerabilities and nearly 40 total vulnerabilities in the past year. The average time to fix vulnerabilities was reduced to 18 days, compared to the industry average of 31 days. The case study emphasizes the importance of a well-prepared process and the active involvement of Rapyd's security team in the program's strategy and operations, highlighting their commitment to integrating security measures into their development lifecycle.