Application Crowdtesting Services Reviews and Ratings

YesWeHack have impressed from start to present day

Bugcrowd is a great bounty provider, and works with its customers and its bug bounty community very closely. I have used them in multiple work places, and in my opinion a Bug Bounty program is a must have for all companies that have an online presence.

Overall had a nice experience so far with HackerOne in terms of product functionalities and also their support

Our experience with Synack, the SRT (Synack Red Team), the Synack portal, and the actual pen testing process has been excellent. The portal itself makes managing the entire process very easy. We are a large company with a large number of developers and a large number of applications to test, and the portal provided a one-stop-shop approach to managing everything from test planning, to communication between the SRT and our developers, to the eventual remediation tracking and validation. As the leader of the Application Security team, one of my favorite things about Synack pen tests, was the level of documented detail provided by the SRT regarding exploits they found. Not only did it tell the developers exactly how the vulnerability was exploited, but exactly how to fix it, which also served as excellent secure code training for every developer that had to fix an exploit, or anyone else we gave access to that wanted to simply read and learn. Other benefits included: - ease and flexibility of the initial contract negotiation - several pen test "products" to choose from allowing for customization of our needs - leverage both human and artificial intelligence to find exploits, resulting in actionable results with a goal of rapid remediation - focus on rapid reduction of high-risk exploits - required only 1 part time resource to manage the portal, developer access, all the tests, communication, remediation, reporting, and vendor communication for a large number of pen tests covering many development teams - they recently introduced a delegated administration model for greater ease of test management - excellent canned and custom reports for differing target audiences

Cobalt was a seamless tool, which allowed us to get started on our Pen Test ASAP.

Intigriti is a great tool for every company that wants to ensure their platform or tool is safe for not only themself but also for the customers. Intigriti basically makes it possible for bug bounty hunters to (pen)test individuals parts of your platform.

I worked with Digivante on the testing a university website build. The aim was to increase our test coverage, and at a faster pace than we were capable of. Digivante exceeded our expectations and added value to our services. Test coverage was spot on and delivered on time. Perhaps most impressively was actually working with Digivante staff. They were very personable, and knowledgeable. You could tell that they were passionate about their work and that our custom really mattered to them. I was sceptical about the flexibility of the service, but in working with them, the service was everything that to claimed to be. We had to quickly pause a test, and they adapted to the situation immediately. After the test, we were able to launch the site with a high-degree of confidence, and utilising Digivante's services certainly played a part in a smooth launch of the university website. From start-to-finish, working with Digivante was frictionless, and I would whole-heartedly recommend the use of their services.

We've been trying to find a solution for finding vulnerabilities in our infrastructure in a well organized way. Previously we've been dealing with reports in-house, and that simply took too much time out of our developers day-to-day life to check and validate if they were actionable or not, then we also had to deal with the bounties on a case by case basis, which was just too tedious. Hackrate offered the perfect solution: a managed way of dealing with reports by providing curated vulnerability/bug reports, making them instantly actionable, saving us a lot of time.

Working with Lionbridge is a good experience. We have a learned a lot about data collection and localization services

Great tool for website testing with good support. Allows us to schedule various types of testing such as Focused, Coverage, Usability and Custom. Bugs can be exported to Jira and include replays that are helpful for designers and developers to watch how the bug was created.

This service helps us to find freelancers for different monotonous works. We do not force our personnel to engage in routine and allow the freelancers to carry out these tasks. Also, we are looking for workers from other countries, this allows us to cut our expenses.

I've been working with Applause for a while, we had very good results at the beggining of the project, with good bug reporting. At the end our application needed a new focus and we left crowd testing. But for localized testing in multiple languages is a very good solution. The are very flexible and the overall experience is very positive.

To me crowd testing is the way to make sure your app is ready for the market, the service is really necessary for some of us since we do not have time or the patience to test all the different scenarios in users environments, the way it works for me is that i get the feedback and I try to apply any modification I can while taking all opinions into account, the service allowed me to find several bugs plaguing my app and also it allowed me to find some security flaws which hackers could have exploited.

My overall experience is generally good. Optimal Workshop offers a range of services, but where we found it most useful was in the testing of existing navigation hierarchies (Tree testing) and in discovering mental models for prioritising new navigation structures (Card sorting). It's fairly expensive for what you get though. It's straightforward to use and set up tests.