There’s nothing more important than protecting the lifeblood of your business: customer data. No one takes this more seriously than Zenefits, the All-in-One HR Platform. Zenefits holds sensitive personal and financial data for over 10,000 small and medium businesses.
That’s a lot of high risk customer data, including Personally Identifiable Information (PII) and Protected Health Information (PHI). Thankfully, Zenefits has a world-class security program and a Red Team that knows, like many other companies with similarly sensitive data, they must be on their game 24/7.
Mack Staples, Senior Manager of Zenefits’ Red Team, walks through some best practices they use to enable bug bounties as a core product security strategy. He discusses tips, practical advice, and insights into how they’ve built their world-class bug bounty program into one of the top program’s on the HackerOne platform.