Connect with us


Dash [DASH]’s Bugcrowd platform “saved a lot of embarrassment” – Jim Bursch

Ranjitha Shastry



Dash [DASH]'s Bugcrowd platform "helped saved a lot of embarrassment" - Jim Bursch
Source: Pixabay

Dash’s initiative “Bugcrowd” is a platform that connects organizations to a global crowd of trusted security researchers. Bugcrowd recently added a video in which Jim Bursch, the Manager of Dash’s Bug Bounty Program talks about the importance of having in place an organized Bug Bounty programme and also about how they found a vulnerability in the Dash wallet which saved them from a lot of embarrassment. He mentions:

“With Dash digital cash you are basically dealing with money. Whenever you are dealing with money you also have to deal with threats to that money, to theft, fraud. So security is imperative and important is a particular application. One of the most important things is getting eyes on the code and making sure that it’s secure. And one other thing that I saw a need for is something like a Bug Bounty Programme, basically an incentive for the researchers, hackers to look at our code and try to break it and try to steal Dash.”

The Bugcrowd was designed basically to deal with the mentioned problems and then report back the vulnerabilities in a “responsible” manner. This is he said was a “managed programme”. The vision behind starting Bugcrowd was to engage the researcher or the hackers community in dedicatedly finding these bugs. He continues:

“We have found critical vulnerability in one of our wallet applications. This is like hacking a bank basically; the code has to be that secure and this particular vulnerability it basically enabled a hacker to bypass a very important security feature. It saved us not only our end users but it also saved us embarrassment, if this bug or the vulnerability had come out after we had launched the product, the wallet, it saved us our reputation.”

Bursch refers to this process as the benefit of having a bounty programme; getting a lot of expertise on that code and a mechanism for them to report it as well.

Working with Bugcrowd has two-fold value – first one being the vulnerabilities identified, reported, and getting fixed. The second is the “PR” value, that is being able to give the users confidence to feel safe with the application that they are using. Bursch also mentions:

” I am on their platform not only interacting with researchers but also the Bugcrowd team and I rely upon the team to help me manage the relationship with these researchers.”

Follow us on Telegram | Twitter | Facebook

Ranjitha Shastry is a part of AMBCrypto's News Reporting Team. Having done her major in Journalism and mass communication, she is passionate about business and economic journalism.