Case Study: Axis Communications strengthens IoT product security with Bugcrowd

Axis Communications expands to 8,000+ hackers with Bugcrowd

Axis Communications, a leader in network video surveillance and IoT solutions, faced the challenge of securing its diverse and widely deployed products against increasingly sophisticated cyberattacks. Their internal security processes and work with individual hackers were insufficient to test the broad attack surface of their embedded Linux devices. To scale their security efforts, Axis partnered with Bugcrowd to implement a structured bug bounty program.

Bugcrowd provided a platform to engage a large, specialized community of ethical hackers, starting with a private program for AXIS OS. The solution included CrowdMatch technology to connect Axis with relevant experts and a triage process to ensure only validated vulnerabilities reached their team. The results were significant: over 8,000 hackers were engaged, leading to 35 CVE disclosures directly from the program. This success allowed Axis to expand to a public program and add a second program for its camera station software, greatly enhancing its product security.

Axis Communications