Case Study: Brussels Airlines strengthens IT security and uncovers critical vulnerabilities with Intigriti

Brussels Airlines leverages the power of Bug Bounty through intigriti platform to discover critical vulnerability not detected by pentests

Brussels Airlines, part of the Lufthansa Group, needed to overcome internal resistance to crowdsourced ethical hacking and concerns about scope and cost when exploring a bug bounty program. CISO Jean‑François Simons engaged Intigriti and its bug bounty platform to help define a clear scope, set reward limits, and secure executive buy‑in for using ethical hackers rather than exposing the airline to unmanaged risk.

Intigriti supported a staged approach—recommending penetration testing first and then running a scoped bug bounty through its platform—resulting in ethical hackers finding a critical vulnerability that Brussels Airlines mitigated. The program delivered measurable benefits: a patched critical issue, stronger collaboration between internal teams and external researchers, greater security awareness and DevOps learning, and access to Intigriti’s large ecosystem (90,000+ researchers and 400+ live programs) to sustain ongoing security improvements.

Brussels Airlines

Jean-Francois SImons

Chief Information Security Officer