As an identity management provider, OneLogin must ensure that their customer data is secure, which means they must go beyond meeting a bare minimum security checklist.
Their bug bounty program has helped them go above and beyond in product security in a time when hiring talent is increasingly difficult, and technology gets more and more complex.
Their invite-only program incentivizes some of Bugcrowd’s top researchers to submit a diverse set of high-quality vulnerabilities.
“We’re dealing with customers who trust us with the security of their applications, assets, and user data. We need to demonstrate how we’re protecting their data, so for us, being a step ahead of that is very important. That’s why a service like Bugcrowd is perfect for us.” - Alvaro Hoyos, Chief Information Security Officer, OneLogin