Crowdsourced pentesting is one term that we use another way to think about it is pentesting as a service. What we’ve observed in the industry is that your more traditional options for getting a pentest started with a consulting firm we’ve seen that there are some cases where this is done with kind of a relatively low tech approach things like you know you get a final report in a PDF that’s not machine readable. They can’t be easily exported into for example a developer bug tracking system , and I think unfortunately what you see sometimes also is a large variance in the quality of the testers and of course there are all sorts of reasons for that.
But that being said, with our PenTest as a service what we do is we provide clients with a high degree of visibility into the quality of the talent, so all the researchers are highly vetted, that starts with a recommendation from within the current researcher community and then folks are matched to projects based on feedback and experience and for every project they complete, they actually get rated on a five star scale similar to how you might rate a restaurant on yelp or a place you might stay on Airbnb. There’s this kind of like quantitative feedback loop that’s built into the system, in order to provide organizations with more visibility into the talent,and then the other thing is because we have a global network of highly vetted and certified researchers we are able to scale in a way that many consultancies which for the most part of locally based cannot.
We have this ability to kick off a pentest on demand, unlike an organization working with more traditional consulting firm might need to wait weeks or even months to get a pen test started. We actually have an ability to pick up a pentest within forty eight hours, which we’re seeing is of great value to a lot of customers,particularly those who find out about an acquisition at the last minute or maybe they need to respond preventive security questionnaire. There are many reasons why somebody might want to do a security test now and that’s something that we can actually accommodate.