Nextcloud offers cloud-based solutions with a security-first approach that begins as they design and develop their products. But their small team realizes no solution can be perfectly secure, nor can any organization hire enough engineers to protect against every vulnerability. And with the additional burden of GDPR compliance, security quickly became a core part of their overall company strategy.

Read how Nextcloud uses HackerOne to expand their security efforts while maintaining a tight budget and keeping up with speedy competitors. In this overview, you’ll learn:

  • How Nextcloud’s security team maintains an average vulnerability report response time of less than one hour.
  • How they’ve built their bug bounty program to support GDPR compliance efforts. 
  • Their tips on building and expanding your own bug bounty program.

“We obviously can’t hire enough engineers to protect against every possible vulnerability, but we can use our bug bounty program to add on-demand expertise where we need it and continuous coverage nearly everywhere else.”  
-- Frank Karlitschek, Nextcloud Founder and Managing Director

Download this overview today!