BELLEVUE, Wash., Oct. 1, 2019 -- Auth0, a global leader in Identity-as-a-Service (IDaaS), today announced the launch of a private bug bounty program to further reinforce its emphasis on security and ensure that its customers are protected from any vulnerabilities.
The private bug bounty is a specialized program that will allow Auth0's security team to partner with selected researchers to source potential vulnerability discoveries in exchange for monetary rewards. The bug bounty will be run on Bugcrowd and will expand the company's current Responsible Disclosure Program, which is already in place.
"We take the privacy and protection of our customers' data very seriously and are dedicated to investing the time and resources into ensuring we adhere to the highest standards," said Joan Pepin, CISO and VP of Operations at Auth0. "Our security program is maturing rapidly, and the launch of this bug bounty program reinforces our dedication to our customers and the highest level of security we offer them."
Bugcrowd will select and invite security researchers registered on its platform based on skills and experience. Each report verified by Bugcrowd's Application Security Engineer team will be then sent to the Auth0 Product Security team to assess the severity of the finding, assign the researcher a monetary reward, move the issue to its internal vulnerability database, and work with relevant Product and Engineering teams towards remediation.
"Bugcrowd deploys a global Crowd of diverse, creative, and highly-skilled security researchers to identify and solve security challenges," said Ashish Gupta, CEO at Bugcrowd. "The result is our ability to provide highly specialized security expertise to the high caliber of companies we work with. We are really excited to be supporting the launch of Auth0's Bug Bounty Program and serve as an extension of its security team."
The program is launching with approximately 25 global researchers who have been identified and invited by Bugcrowd, and will increase in number later this year.
Auth0 is a trusted security partner to its customers and has achieved certification for many important compliance regulations, including HIPAA, SOC 2 Type II, ISO 27001, ISO27018, and more. Please visit Auth0 Security for more information.
Auth0 is the first identity management platform for application builders, and the only identity solution needed for custom-built applications. With a mission to secure the world’s identities so innovators can innovate, Auth0 provides the simplicity, extensibility, and expertise to scale and protect identities in any application, for any audience. Auth0 secures more than 100 million logins each day, giving enterprises the confidence to deliver trusted and elegant digital experiences to their customers around the world.
Matter for Auth0