Wink’s initial Bugcrowd Flex program includes two phases. The first phase is a two-week inviteonly effort consisting of 26 researchers focused on specific areas of specific Wink products. This is followed by a long-term phase where an extended set of researchers continue to submit vulnerabilities for the products available in the first phase, but also other products and features opened up to the program. This flexibility remains a key feature of the Bugcrowd solution as Wink is able to control the cost while adjusting the program based on how and when new technologies are released.
“The value of a single bug found in our initial program paid for the entire program—I would have paid ten times as much for that one vulnerability,” -Kit Klein, Head of Engineering