As Cybersecurity Awareness Month comes to a close, Synack would like to raise awareness of (and a glass to) many wins in crowdsourced security testing! The message from businesses and governments globally is clear that crowdsourced security testing’s (CST) ability to address vulnerabilities means we can better protect the citizens of countries around the world. Several policy and customer wins over the past year in the United States, Europe and Asia have driven home the value of CST for protecting our nations:
- Synack’s crowdsourced security testing technology was highlighted in the National Cyber Strategy of the United States of America as a “best practice” from forward-leaning industries.
- Adoption of crowdsourced security testing continues to grow in Europe with strong customers like Just Eat highlighting the value of crowdsourced testing in their organizations.
- Similarly, the National Defense Authorization Act (NDAA) has promoted crowdsourced security testing platforms as a way to address “the sheer size and scope” of potential vulnerabilities in the Department of Defense.
- The SECURE Technology Act was passed by the US Congress and signed into law by the President authorizing a “bug bounty” pilot at Department of Homeland Security (DHS).
- Secure the Olympics campaign was kicked off in Japan to build upon the work Synack is doing with F500 customers in the country to help secure the underlying business infrastructure that will power the Tokyo 2020 Olympics.
- Synack and the Defense Digital Service (DDS) celebrated the 3rd Anniversary of Hack the Pentagon with a blog describing the program’s crowdsourced security wins, including testing part of an F-15 at DEF CON, and next steps.
CISOs around the world have put these policies into practice to add rigor and efficiency to their security programs. While security programs may vary across the Global 2000 from high-growth startups to massive government agencies, their CISOs are prioritizing three core values in their crowdsourced security strategies: trust, courage, and privacy. Synack prioritizes these values in our platform by providing the intelligence they need to take real and practical steps toward security, the transparency they need to build trust with stakeholders, and the controls they need to protect the privacy of their companies and customers. Over the course of Cybersecurity Awareness Month we have made a point to drive these home:
- Courage – After successful events for senior women at RSA, Black Hat and Billington, Synack will finish out Cyber Awareness Month with sponsorship of the Women Unite over CTF on November 2nd. Synack is hosting an event at our SF Office! Registration is free!
- Trust – Over the course of the past month, Synack highlighted our 2019 Guardians of Trust award winners, who have exemplified rapid remediation, built security into their development life cycle and embraced security on a continuous cadence. We also released “Trust at Scale: 2019 Trust Report in Practice,” a new update to the 2019 Trust Report. The report was published alongside Optimizing Humans + Machines for Security Testing at Scale.
- Privacy – Synack released a webinar on how to use Synack to achieve data privacy and security objectives. Synack’s webinar focuses on how to use crowdsourced security testing to achieve NIST 800-53 security controls, which are government-grade security controls adopted the private sector, SLED, and the federal government.
We agree with the Department of Homeland Security (which is responsible for critical infrastructure across the United States) in their recent National Cybersecurity Awareness Month tagline: “Own IT. Secure IT. Protect IT.” #Becybersmart #securityistrust.