Likelihood to Recommend Bugcrowd is great for bug bounty programs and as a cheaper alternative to a full-blown penetration test. Small to medium-sized companies who are serious about security, but don't have the budget for a $40,000 penetration test, this is a great solution. Bugcrowd isn't going to be able to do much of the white-box penetration testing (code reviews), as they are more suited for grey-box and black-box. A program like this will need at least one dedicated person to work with the moderator, verify findings, and decide on the severity of the finding.
Read full review Zscaler Internet Access is an internet tunnel that pairs with the network adapter to secure traffic between servers and workstations. It can refresh policies automatically and log intrusions but does not broadcast intrusions. Cloud-based Zscaler Internet Access is easy to deploy and scale, with no hardware or software needed. In a hybrid model, Zscaler Internet Access performs some security functions on-premises and others in the cloud, allowing organizations to keep infrastructure. There is a slight learning curve from VPN and appliance architecture to this paradigm.
Read full review Pros Having a pool of security researchers helps keep the penetration tests broad, getting the most bang for your buck. The integration with Slack makes it easy to keep tabs on the program and when new findings are submitted. The interface is pretty simple to use and fairly intuitive. Read full review Zscaler completely moved away from the traditional firewall setup to a hosted firewall solution. We don't have to worry about the hardware failing or maintaining it as part of our service plan compared to our on-premise firewall. Zscaler has a lot of data centres across the world where they are maintaining their solutions so mobile consultants will always be close to one of their data centres. Rolling out Zscaler solutions to our end customers' computers is actually pretty easy and hassle-free. As part of onboarding of new employees we can set up the Zscaler solution and push it to our end users' machines and get them connected to the cloud solutions. Zscaler does proper market research on the latest emerging threats and they keep their firewall patched and updated to the latest versions so the security team does not have to worry about keeping the firewall updated. Read full review Cons The success of your program highly depends on the moderator that is assigned to your project. A good moderator will continue to find researchers until the quota is full. Less than stellar moderators will send out one invite and sees what sticks. Not all researchers are as professional as one might hope. This can ruin the experience. Read full review Chat or email support is not available. Only option is to either call them or raise a ticket by logging into their website. Pricing is not transparent and quote based. Access to websites is a little too slow with Zscaler monitoring on. Read full review Usability Zscaler is a mandatory solution required by almost every large organization with a workforce working remotely or using cloud-based apps. Its deployment is relatively easy and it keeps on working in the background without actively bothering the user. Apart from a few weird messages which a user is unable to comprehend, Zscaler is able to provide fast and safe access to the internet and other external applications.
Read full review Support Rating I cannot give a fair rating for this as I have not had to contact Zscaler support. There was one time we had to contact them because we needed to check if they were having issues on their end. Our ISP was actually the problem but support seemed very friendly.
Read full review Alternatives Considered Budget was ultimately the reason we went with Bugcrowd initially. Bugcrowd allowed for us to come up with our own bounty scale to fit out budget. Most other companies had a fixed scale, or the scale was not as flexible as we wanted it. Traditional penetration testing companies were very expensive.
Read full review Zscaler Intenet Access proved to be superior and the difference for us was the speed of policy delivery since your policy is applied in a web console and is effective in a matter of seconds. Another point to congratulate the solution is its compatibility with different platforms (macOS, Linux, Windows, Android, and iOS).
Read full review Return on Investment We have received some great results for a great price. We've also received some poor results at the same price. Bugcrowd is not always recognized as a "real" penetration test, but for the most part, we have not had any problems with customer accepting our reports. Overall, Bugcrowd has been an overall good experience, but we have had a poor moderator from time-to-time that has resulted in less than ideal results. Read full review ROI is there and it is safeguarding the data and user access to net. Being a cloud based can be scaled up when required. Third parties can be allowed based on the company IT policies (Clients or Vendors etc.) for business perspective. Read full review ScreenShots