Case Study: National Australia Bank achieves stronger security and reduced risk with Bugcrowd Vulnerability Disclosure Program

National Australia Bank Strengthens Security with Bugcrowd Vulnerability Disclosure Program

National Australia Bank (NAB), one of Australia’s largest business banks with more than 32,000 colleagues serving over eight million customers, lacked a formal, uniform way for external security researchers to disclose potential vulnerabilities as its digital attack surface grew. Without a standardized intake and triage process, NAB needed a scalable solution to surface and manage security issues from the wider research community.

NAB partnered with Bugcrowd to launch a Vulnerability Disclosure Program and later a bug bounty program, gaining access to a global, diverse pool of researchers and a managed triage process. The programs uncovered numerous critical findings, strengthened remediation workflows, reduced risk, saved internal resources, and improved overall security posture and relationships with the whitehat community, while creating a pipeline for ongoing testing and talent recruitment.

National Australia Bank