Case Study: Rapyd achieves continuous crowdsourced security and 18-day average remediation with Bugcrowd PTaaS and a public bug bounty

Rapyd Takes Security to the Next Level with PTaaS and a Public Bug Bounty on the Bugcrowd Platform

Rapyd is a global FinTech company that simplifies cross-border commerce with API-driven payment technology. As the business grew through rapid expansion and acquisitions, Rapyd needed continuous, specialized security testing—especially for APIs—and better visibility into attack surface and asset inventories during M&A activity.

Rapyd partnered with Bugcrowd for Penetration Testing as a Service and a private-to-public bug bounty, using CrowdMatch to recruit specialized API testers and integrating findings into Jira and Slack. In a year the program uncovered about 40 vulnerabilities (15 critical), reduced average time-to-fix to 18 days (vs. 31 industry average), launched a public program within six months, and began integrating bug bounty workflows into their SDLC for sustained security improvements.

Rapyd

Achiad Avivi

Applications Security