Case Study: Directly protects customer data and reputation while maintaining agility with Bugcrowd Bug Bounty

Customer Experience Pioneer Directly Protects Customer Data and Reputation With Bugcrowd

Directly, a customer-experience pioneer that combines AI and a community of experts to reduce contact-center volume and improve customer satisfaction, needed to protect the sensitive customer data that powers its platform without slowing its fast, two-week sprint development cycle. Maintaining trust and regulatory compliance while preserving agility was a core challenge for the company.

Directly has used Bugcrowd’s Bug Bounty program since 2016, with researchers reporting issues into a sandbox where Bugcrowd validates and triages findings for Directly’s engineers to patch immediately or include in the next sprint. The program delivered faster vulnerability response, validated mitigation of high‑severity issues, and strong ROI—all without hindering innovation (more than 460 submissions from 447 researchers between 2016–2020)—helping safeguard reputation and customer trust.

Directly

Bob Zinga

Director of Information Security