Case Study: CM Group achieves continuous vulnerability detection, faster remediation, and tens of thousands in cost savings with Bugcrowd Bug Bounty

CM Group Extends Its Security Team With Bug Bounty Program

CM Group, a collection of email marketing platforms serving B2B and B2C customers, faced growing security challenges as it expanded through mergers and acquisitions. Annual outsourced penetration tests were costly and provided only point-in-time coverage, while in-house security couldn’t scale across multiple brands and continuous development cycles, leaving the company seeking a more responsive, cost-effective vulnerability management approach.

CM Group implemented Bugcrowd’s private bug bounty and vulnerability disclosure programs, integrating findings into workflows (Jira) and adopting Bugcrowd’s VRT for consistent prioritization. The programs delivered faster vulnerability discovery and remediation, access to broader security expertise, streamlined workflows, and tens of thousands of dollars in annual cost savings—giving the company and its customers greater peace of mind and stronger ROI.

CM Group

Agathe Savard

Global Security Manager