Application Crowdtesting Services Reviews and Ratings

The deployment of our first bug bounty program and VDP are a breeze with handholding from the customer success manager.

This has been a great company to work with so far. We evaluated several providers in the crowdsourcing market to help augment our commercial pen testing services. They have been great to work with and have provided a lot of value to our cybersecurity operations.

We have maintained a long-standing partnership with HackerOne spanning over 4 years, during which their service offering has consistently delivered results and value.

Our experience with Synack, the SRT (Synack Red Team), the Synack portal, and the actual pen testing process has been excellent. The portal itself makes managing the entire process very easy. We are a large company with a large number of developers and a large number of applications to test, and the portal provided a one-stop-shop approach to managing everything from test planning, to communication between the SRT and our developers, to the eventual remediation tracking and validation. As the leader of the Application Security team, one of my favorite things about Synack pen tests, was the level of documented detail provided by the SRT regarding exploits they found. Not only did it tell the developers exactly how the vulnerability was exploited, but exactly how to fix it, which also served as excellent secure code training for every developer that had to fix an exploit, or anyone else we gave access to that wanted to simply read and learn. Other benefits included: - ease and flexibility of the initial contract negotiation - several pen test "products" to choose from allowing for customization of our needs - leverage both human and artificial intelligence to find exploits, resulting in actionable results with a goal of rapid remediation - focus on rapid reduction of high-risk exploits - required only 1 part time resource to manage the portal, developer access, all the tests, communication, remediation, reporting, and vendor communication for a large number of pen tests covering many development teams - they recently introduced a delegated administration model for greater ease of test management - excellent canned and custom reports for differing target audiences

Cobalt was a seamless tool, which allowed us to get started on our Pen Test ASAP.

Intigriti is a great tool for every company that wants to ensure their platform or tool is safe for not only themself but also for the customers. Intigriti basically makes it possible for bug bounty hunters to (pen)test individuals parts of your platform.

We chose Hackrate as our pentest service provider for our SOC 2 compliance. We felt that with their unique approach to pentesting we'll more likely uncover real vulnerabilities and get more value compared to other providers. Their experts invested significant time in understanding our service and used that insight to examine its security aspects instead of aiming for low hanging fruits.

I worked with Digivante on the testing a university website build. The aim was to increase our test coverage, and at a faster pace than we were capable of. Digivante exceeded our expectations and added value to our services. Test coverage was spot on and delivered on time. Perhaps most impressively was actually working with Digivante staff. They were very personable, and knowledgeable. You could tell that they were passionate about their work and that our custom really mattered to them. I was sceptical about the flexibility of the service, but in working with them, the service was everything that to claimed to be. We had to quickly pause a test, and they adapted to the situation immediately. After the test, we were able to launch the site with a high-degree of confidence, and utilising Digivante's services certainly played a part in a smooth launch of the university website. From start-to-finish, working with Digivante was frictionless, and I would whole-heartedly recommend the use of their services.

Working with Lionbridge is a good experience. We have a learned a lot about data collection and localization services

Yogosha cybersecurity researchers have a lot of experience. They are great at finding advanced security issues, and provide clear reproduction steps and guidance to remediate them. Through the Yogosha platform, developers also have direct access to these researchers to ask for additional information. This makes our development teams more involved, and the cybersecurity researchers are dedicated and always willing to assist. Furthermore, we can ask to re-check if the finding is effectively remediated after deployment of the fix, to ensure a complete eradication of security issues found.

Great tool for website testing with good support. Allows us to schedule various types of testing such as Focused, Coverage, Usability and Custom. Bugs can be exported to Jira and include replays that are helpful for designers and developers to watch how the bug was created.

This service helps us to find freelancers for different monotonous works. We do not force our personnel to engage in routine and allow the freelancers to carry out these tasks. Also, we are looking for workers from other countries, this allows us to cut our expenses.

I've been working with Applause for a while, we had very good results at the beggining of the project, with good bug reporting. At the end our application needed a new focus and we left crowd testing. But for localized testing in multiple languages is a very good solution. The are very flexible and the overall experience is very positive.

To me crowd testing is the way to make sure your app is ready for the market, the service is really necessary for some of us since we do not have time or the patience to test all the different scenarios in users environments, the way it works for me is that i get the feedback and I try to apply any modification I can while taking all opinions into account, the service allowed me to find several bugs plaguing my app and also it allowed me to find some security flaws which hackers could have exploited.

My overall experience is generally good. Optimal Workshop offers a range of services, but where we found it most useful was in the testing of existing navigation hierarchies (Tree testing) and in discovering mental models for prioritising new navigation structures (Card sorting). It's fairly expensive for what you get though. It's straightforward to use and set up tests.