A leader in crowdsourced security testing, Bugcrowd connects companies and their applications to a crowd of tens of thousands of security researchers to identify critical software vulnerabilities. Powered by Bugcrowd’s platform, companies of all sizes can run both private and public bounty programs to efficiently test their applications and reward valid vulnerabilities.
Security Questionnaire Response Process Before Loopio
Leif Dreizler was Bugcrowd’s first (and only) Sales Engineer (SE) for almost 10 months. As the only team member with in-depth domain knowledge, a large part of his responsibilities involved responding to Security Questionnaires for the entire sales team.
Being in the Information Security Industry, Bugcrowd receives Security Questionnaires as part of almost every sales opportunity. Most of these requests come in towards the end of the quarter, as a final step in the sales process.
Before Loopio, Leif used to get swamped with numerous questionnaires within a short period of time. These documents range from 20 to 600 questions and his response approach involved a combination of copying and pasting answers from previous documents and rewriting answers from scratch.
This process also made it hard to collaborate with Subject Matter Experts (SMEs) outside of the sales organization. Leif would go through the entire document before assigning questions in bulk to the SMEs to minimize the number of communications they received. To keep projects on track, either Leif or the sales representative often had to follow up with SMEs or escalate slow responses to their Vice President.
Why Bugcrowd chose Loopio’s RFP software
Leif wanted to find a solution that would help him manage Security Questionnaires more efficiently. Loopio was an ideal solution to his problem of answering the same questions over and over, as it presented a more efficient and scalable process.
When evaluating Loopio, Leif liked the granularity of the Library structure, the ability to tag content, and the search functionality within projects. These features would help him build out a well-organized content library and allow him to quickly pull that content into responses.
Centralize Security Content and Enable Knowledge-Sharing
Having Security content centralized in Loopio has allowed Leif to train other SE team members and share his knowledge of Bugcrowd’s Security program with them. Once he built out their Loopio Library, the entire SE team had access to the content and was able to start leveraging it in their responses.
Loopio has also been very useful in helping Leif train other SEs, “After going through the process with the other SEs, Loopio was suggesting enough answers that they could complete most questionnaires on their own. When we had an increase in volume, the other SEs were much more self-sufficient to complete the work on their own without me having to do everything.”
As a result, Loopio has enabled Bugcrowd to go from one person completing Security Questionnaires in a “tedious and repetitive” manner to a distributed process, in which responding to questionnaires is a shared responsibility of the entire SE team.
Streamlining Collaboration With SMEs
Loopio has also enabled Bugcrowd’s Sales Engineering team to collaborate with Subject Matter Experts on the Product, Engineering, and Infrastructure teams more efficiently. Whenever SEs encounter questions that are not in the Loopio Library, they can easily assign them out to contributors as they go through the project and trigger reminders for late responses from within Loopio.