Salesforce today released new bug bounty learning content on Trailhead, Salesforce’s free online learning platform. This content provides the resources for any company to build their own bug bounty program as the cyber security landscape rapidly evolves.
Why it matters: Bug bounty programs, which provide financial rewards to ethical hackers who discover software vulnerabilities, are an effective way for companies to gain insights into bad actors and stay ahead of evolving AI-powered security threats.
Go deeper: The bug bounty series on Trailhead breaks down the process for developing programs into bite-sized learning, including:
- Defining a program and its goals
- Structuring a bug bounty program, including typical work phases, areas of research outlined, and common personnel roles
- Getting to know the Salesforce bug bounty program
- Creating vulnerability reports
- Diving into targeted research campaigns
The bigger picture: From the volume of identified potential vulnerabilities to the firsthand intel on how hackers are using AI, bug bounty programs offer substantial ROI for organizations. Salesforce’s program, for example, has awarded over $18.9 million in bug bounties since 2015 to its ethical hackers, who have reported nearly 30,600 potential vulnerabilities.
Salesforce perspective: “As a trusted advisor to our customers, we share security tools and information they need to be successful. By providing the resources they need to establish their own bug bounty program and engage with ethical hackers, we are empowering companies to increase customer trust in the age of AI,” said Brad Arkin, Chief Trust Officer.
By providing the resources they need to establish their own bug bounty program and engage with ethical hackers, we are empowering companies to increase customer trust in the age of AI.
Brad Arkin, Chief Trust Officer, salesforce
- “With the White House underscoring the importance of cybersecurity through the AI Executive Order and securing voluntary commitments for advancing safe and trustworthy AI, and with hackers already using AI for cyberattacks, it’s more urgent than ever for organizations to adopt measures to enhance the security of their entire ecosystem,” he continued.
The Trailblazer perspective: “As the cybersecurity landscape continues to evolve rapidly, Trailhead has been an incredible resource to continually learn new skills. Having a playbook to seamlessly set up a bug bounty program will unlock new capabilities and reshape how BACA Systems thinks about strengthening security practices,” said Andrew Russo, Salesforce Architect, BACA Systems.
Learn more:
- Get started with building a bug bounty program
- Learn more about Salesforce’s Bug Bounty Program
- Read more about why one of Salesforce’s top ethical hackers hacks for good
- Explore Salesforce’s cybersecurity tips and resources here