Salesforce Paid More Than $2.8 Million in Bug Bounties Last Year

Salesforce launched their program in 2015 and it has awarded more than $12.2 million in total bounties since.

Salesforce paid out a total of more than $2.8 million to ethical hackers who helped them locate bugs in their software across 2021.

The highest amount paid for one bounty was $30,000, but more than 4,700 suspected vulnerabilities were reported to the software company last year, so they had a lot of bounties to hand out.

The payments are a heartening example of the ways in which hackers can help shore up an internet ecosystem that faces more and more threats from ransomware or phishing attacks every year.

How it Works

All product and features changes at Salesforce are tested internally, as you might expect. Once that’s over, though, the updates go through “a trusted network of ethical hackers,” as the company explained in a recent post. This pool of hackers — 118 of them in 2021 — is given access to a sandbox testing environment in order to crash-test the new software.

The bug bounty program then rewards those hackers who can locate and disclose security concerns in the new product releases and updates.

“I was attracted to becoming an ethical hacker after starting my career as a developer,” said Inhibitor181, an ethical hacker in the Salesforce bug bounty program. “Not only is it more stimulating and less monotonous to use my programming skills to legally hack into global companies’ products, but it also allows me to do my part in preventing cybercrime. Not all hackers are bad.”

Needless to say, Salesforce undoubtedly saved far more than they paid in bounties to locate any vulnerabilities in their software. We’ve called their software “the most reputable CRM on the market right now” in our latest review of their customer relationship management software, and they have to maintain that reputation.

Google and Microsoft Pay Millions More

Salesforce can’t touch Google for bug bounties: The search giant paid a total of $8.7 million in bounty rewards during 2021, it said earlier this month, paying 696 researchers in 62 different countries.

Google’s highest reward in 2021 was a tidy $157,000, for an Android security issue.

While Microsoft hasn’t released its 2021 bounties data yet, the tech corporation did pay $13.6 million in bounties for 2020, with an average of $10,000 and one bounty that was as high as $200,000.

Salesforce’s funds aren’t as large, but their program is growing: It launched in 2015 and has awarded more than $12.2 million in total bounties since. A full $9.5 million of that has just been since 2019.

Salesforce CRM Stays Secure

The bounty system appears to work. Salesforce CRM is feature-packed and highly secure, even if its ease of use might come with a learning curve.

And speaking of Microsoft, their Dynamics CRM is another solid pick, offering strong integration with other Microsoft products your business might be using. We’ve stacked the two services up against each other over here.

Salesforce is an attractive option for its low starting cost as well, particularly for CRM-only teams of five users or less. But plenty of other services are worth considering as well, even if they don’t have a bug bounty program working for them. Here’s a quick table of the top options, and we have a page dedicated to Salesforce CRM alternatives as well.

0 out of 0
Starting price
Most expensive plan
Free trial
Verdict
Email marketing
Social marketing
Marketing campaigns
API
Email Comms Channel
Phone Comms Channel
Website Live Chat Comms Channel

Microsoft Dynamics 365

SugarCRM

Keap

Sendinblue

$50/user/month

$25 per month

$1,500/user/month

$1,000/month

$279/month

$POA

30 days

Unlimited

14 days

30 days

21 days

14 days

30 days

30 days

7 days

14 days

An incredibly popular and customizable CRM for all businesses, with excellent communication tools

An easy-to-use and highly scalable platform ideal for growing businesses, with an excellent free plan.

Popular option with a modern, easily customizable interface and a great Free Trial

A robust platform aimed at businesses looking to scale

A highly intuitive CRM that is packed with plenty of features and even has a free plan option

Core CRM features in flexible pricing plans make this one of the best value CRM options for any small business

A robust CRM platform that embeds brilliantly with Microsoft products

An attractive option, with lots of features for a low price 

A great all-round CRM with a great, easy to understand dashboard

A suitable all-in-one platform for sales and marketing but a bit expensive

A decent choice for email marketing that falls behind in some other areas

Open

Limited

Open

Open

Open

Open

Yes

Limited

Open

Limited

Open

Requires Telephony integration on Support plans, available on Suite plans

Add-on required

Add-on required

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
Adam is a writer at Tech.co and has worked as a tech writer, blogger and copy editor for more than a decade. He was a Forbes Contributor on the publishing industry, for which he was named a Digital Book World 2018 award finalist. His work has appeared in publications including Popular Mechanics and IDG Connect, and his art history book on 1970s sci-fi, 'Worlds Beyond Time,' is out from Abrams Books in July 2023. In the meantime, he's hunting down the latest news on VPNs, POS systems, and the future of tech.
Explore More See all news
Back to top
close Step up your business video conferencing with GoToMeeting, our top rated conferencing app – try it free for 14 days Try GoToMeeting Free