Kinepolis is a leading company in the cinema exhibition industry. They offer the ultimate movie experience by investing in comfortable seating, big screens, good content and innovative cinema technology.
Kinepolis’ main interaction point with their customers is their web platform. Keeping those systems secure and up and running at every moment is of utmost importance.
The cinema company already worked with good partners to help with their IT security challenges, providing penetration testing for example.
Penetration testing, or pentesting for short, is done before a software release or major update. A designated security expert examines the code and checks for vulnerabilities.
Kinepolis decided to run a bug bounty program on the intigriti platform. They invited crowdsourced security researchers to look for vulnerabilities in their systems in a safe and controlled way.
The decision to work with such ‘ethical hackers’ was not taken lightly.
“The biggest challenge of starting with intigriti was fear of the unknown. It feels a little like jumping out of a plane. Allowing people to test our systems 24/7, especially directly in production! I quickly realised that it is happening anyway. Once you publish your website, it’s out there in the big world. It’s connected and it’s accessible… also for people with bad intentions. Better accept reality and try to secure everything as much as possible.”
The intigriti platform is the central hub of communication between external researchers and Kinepolis. When a vulnerability is found, the researcher submits his findings to the platform first. There, intigriti’s own security experts check if the vulnerability is real and properly documented. The benefit is clear to Van Reet: “Intigriti’s triage process makes sure that only real issues are submitted to our IT security team, who can immediately work on a solution.”
Collaborating on the intigriti platform, Kinepolis’ internal IT security teams feel backed up by the crowdsourced researchers, who insert an inspiring element of creativity to IT security testing. All share a common goal: keeping the systems safe.
Do you want to save this case study for later reference?Download this customer story as pdf. Download PDF