“With help from hackers, Salesforce can consistently put its products and systems to the test, as well as boost security throughout the entire software development lifecycle. This live hacking event and the ongoing bug bounty program are crucial to reducing risk and building trust with our customers.”
— Andrew Leeth, Senior Director, Security Assurance, Salesforce
Salesforce considers LHEs core to maintaining an industry-leading program. Live hacking events allow the best and brightest security researchers to collaborate in person. Every security researcher who joined Salesforce at H1-4420 added value to the program. By showing Salesforce engineers the methods bad actors could deploy to find exploits, researchers educate the team to include that methodology during the software development lifecycle, ultimately helping keep Salesforce secure for its customers.
By the end of the event, a few security researchers had gone above and beyond, securing the top awards for H1-4420. Congratulations to our winners!
“Salesforce is a tough program to hack on, so I was excited to take home some big wins at H1-4420. Finding some of the more elusive bugs and helping Salesforce level up its security was very rewarding, and I’m excited to continue to work with Salesforce.”
— 82af5ddffbb795
“Salesforce is a tough program to hack on, so I was excited to take home some big wins at H1-4420. Finding some of the more elusive bugs and helping Salesforce level up its security was very rewarding, and I’m excited to continue to work with Salesforce.” Developing relationships with hackers is critical to creating success in live hacking events and ongoing bug bounty programs, and the hacker community consistently praises Salesforce as a thoughtful, communicative team. With thousands of programs to hack on, Salesforce’s advocacy for the researcher community continues to make them a researcher favorite.
— corb3nik
“Communication with the Salesforce team was one of the best experiences ever. They are friendly and have done an excellent job telling us their next steps when working on reports.” Thank you to all the H1-4420 participants for making this live hacking event a rousing success!
To learn more about Salesforce’s H1-4420 successes or inquire about their private bug bounty program, read the blog from Salesforce.