BELLEVUE, Wash., Oct. 1, 2019 -- Auth0, a global leader in Identity-as-a-Service (IDaaS), today announced the launch of a private bug bounty program to further reinforce its emphasis on security and ensure that its customers are protected from any vulnerabilities.
The private bug bounty is a specialized program that will allow Auth0's security team to partner with selected researchers to source potential vulnerability discoveries in exchange for monetary rewards. The bug bounty will be run on Bugcrowd and will expand the company's current Responsible Disclosure Program, which is already in place.
"We take the privacy and protection of our customers' data very seriously and are dedicated to investing the time and resources into ensuring we adhere to the highest standards," said Joan Pepin, CISO and VP of Operations at Auth0. "Our security program is maturing rapidly, and the launch of this bug bounty program reinforces our dedication to our customers and the highest level of security we offer them."
Bugcrowd will select and invite security researchers registered on its platform based on skills and experience. Each report verified by Bugcrowd's Application Security Engineer team will be then sent to the Auth0 Product Security team to assess the severity of the finding, assign the researcher a monetary reward, move the issue to its internal vulnerability database, and work with relevant Product and Engineering teams towards remediation.
"Bugcrowd deploys a global Crowd of diverse, creative, and highly-skilled security researchers to identify and solve security challenges," said Ashish Gupta, CEO at Bugcrowd. "The result is our ability to provide highly specialized security expertise to the high caliber of companies we work with. We are really excited to be supporting the launch of Auth0's Bug Bounty Program and serve as an extension of its security team."
The program is launching with approximately 25 global researchers who have been identified and invited by Bugcrowd, and will increase in number later this year.
Auth0 is a trusted security partner to its customers and has achieved certification for many important compliance regulations, including HIPAA, SOC 2 Type II, ISO 27001, ISO27018, and more. Please visit Auth0 Security for more information.
Auth0 provides a platform to authenticate, authorize, and secure access for applications, devices, and users. Security and application teams rely on Auth0's simplicity, extensibility, and expertise to make identity work for everyone. Safeguarding billions of login transactions each month, Auth0 secures identities so innovators can innovate, and empowers global enterprises to deliver trusted, superior digital experiences to their customers around the world.
Matter for Auth0