How Salesforce Uses Bug Bounties to Protect Their Customers' Data

The pioneer of cloud-based software is also a pioneer in software security. And as Salesforce grew from a novel idea to an $8 billion company, they built their business on the trust customers place in them to protect their data. 

For the past 3 years, Salesforce has trusted HackerOne as their platform for hacker-powered security. Their product security lead, Vinayendra Nataraja, recently shed some light on the success of their program. In this overview, you’ll learn:

  • How Salesforce has managed more than 3,200 valid bug reports from more than 1,200 hackers.
  • Why Salesforce put extra effort into reducing response times to hackers from more than one day to less than 5 hours.
  • How Salesforce structures bounty values and why they use bonuses to focus hackers on problem areas. 

“The program has been successful because of the continued contributions from diverse, talented researchers,” --Vinayendra Nataraja, a senior product security engineer at Salesforce


Download this overview today!