Jump to content
  • Sign Up
  • Create New...

Salesforce helps customers establish bug bounty programmes

Pelican Press

Recommended Posts

Salesforce helps customers establish bug bounty programmes

This is the hidden content, please
customers can now take advantage of a wealth of new content covering bug bounty programmes on its Trailhead online learning platform, which has been added ahead of the Washington DC leg of the supplier’s annual World Tour targeting US government bodies – the London event is scheduled for
This is the hidden content, please

The learning content is designed to provide appropriate resources for organisations to build out their own

This is the hidden content, please
, which at their core provide financial rewards to ethical hackers who uncover and disclose software vulnerabilities, and are a proven and effective way for them to gain insights into threat actors and to stay ahead of threats, including emerging AI-backed ones.

The Trailhead series breaks down the programme development process into *****-sized chunks, with modules including:

  • Defining a bug bounty programme and its ultimate scope and goals;
  • Structuring a bug bounty programme, including work phases, areas of research, and personnel roles;
  • Understanding Salesforce’s own bug bounty programme;
  • Creating vulnerability reports;
  • And diving into targeted research campaigns.

“As the cyber security landscape continues to evolve rapidly, Trailhead has been an incredible resource to continually learn new skills. Having a playbook to seamlessly set up a bug bounty programme will unlock new capabilities and reshape how BACA Systems thinks about strengthening security practices,” said Andrew Russo, Salesforce architect at

This is the hidden content, please
, a US manufacturer of robotic stone-cutting equipment.

Brad Arkin, chief trust officer at Salesforce, added: “As a trusted advisor to our customers, we share security tools and information they need to be successful. By providing the resources they need to establish their own bug bounty programme and engage with ethical hackers, we are empowering companies to increase customer trust in the age of AI.”

“With the White House underscoring the importance of cyber security through the AI Executive Order and securing voluntary commitments for advancing safe and trustworthy AI, and with hackers already using AI for cyber attacks, it’s more urgent than ever for organisations to adopt measures to enhance the security of their entire ecosystem,” he continued.

Salesforce itself runs a successful multi-year bug bounty programme internally, which it organises with the assistance of sector specialist HackerOne.

In 2023 alone, the scheme paid out approximately $3m to 6,500 ethical hackers working on 4,200 vulnerability disclosures, with the largest reward topping $60,000. Since the programme’s inception in 2015, Salesforce says it has made $18.9m worth of bounty payments, helping eradicate 30,600 potential vulnerabilities in its code.

A major focus of the current programme is adapting to address the potential threats posed by AI, as well as proactively ‘test-driving’ its products before adversaries get the chance to. It is also exploring new ways to innovate the experience for the ethical hackers working on the programme, including more gamified experiences, and crucially, better engagement and faster response times.

This is the hidden content, please

#Salesforce #helps #customers #establish #bug #bounty #programmes

This is the hidden content, please

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.

Important Information

Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.