For the past two years, Genians has operated a Bug Bounty program focused on improving every step of our user journey. This post summarizes the key lessons and structural improvements we made along the way. The goal is simple:
When a flaw is found, we acknowledge it fast and fix it at the structural level.
Why We Opened the “Front Door” First
Unlike most programs that focus only on product-level vulnerabilities, we started with the entire flow before a user enters the product:
- www.genians.com (Main Website): Where every new user begins: search, landing, and the Trial call to action.
- my.genians.com (Trial and Customer Portal): Where Trial creation, license activation, and cloud-managed services occur.
- Genian NAC Onboarding Flow: Everything from Trial issuance to verification, login, and the first experience with the product.
Why focus on this layer?
Because real attacks often happen before the product is ever used: during signup, email verification, Trial creation, and other infrastructure-level flows. These steps are heavily targeted by automated attacks across the SaaS ecosystem.
By opening the entire onboarding funnel to external researchers, we gained visibility into issues that internal QA and traditional product testing cannot easily surface.
Most of the impactful reports came from exactly this area.
What We Consistently Found Over Two Years
The most common issues were not deep product vulnerabilities but design gaps in the onboarding and access flow. Engineers and security researchers will recognize many of these patterns.
- Email Enumeration
  - The signup and login pages revealed whether an email address was already registered.
  - Fix: identical responses for known and unknown addresses, with response timing normalized.
- Missing Rate Limits
  - The login, signup, and Trial creation endpoints had no rate limits at all.
  - Fix: IP- and session-based limits combined with bot score filtering.
- Weak Email Verification Flow
  - Under certain conditions the verification step could be bypassed.
  - Fix: strong one-time tokens, strict origin checks, and a fixed expiration.
- Insufficient Validation in Trial Creation
  - Some flows were exposed to CSRF, which could trigger unwanted Trial creation and pollute the CRM.
  - Fix: reworked CSRF tokens, with cookies set to SameSite=Strict by default.
- Data Consistency Issues After Account Deletion
  - Deleting an account sometimes left its associated cloud resources behind.
  - Fix: full cascade deletion covering the account, its Trials, caches, and cloud artifacts.
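The first two items above (enumeration-safe responses with timing normalization, and IP- plus session-based rate limits) in working form. This is an added example written for this post, not Genians' code: the in-memory user store, the PBKDF2 iteration count, the limits and the response strings are all assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
import time
from collections import defaultdict, deque

# Added example (not Genians' code). Constructed in-memory user store and limiter;
# the iteration count, limits and messages are assumptions for illustration.
PBKDF2_ITERATIONS = 100_000
GENERIC_LOGIN_FAILURE = "Invalid email or password."
GENERIC_SIGNUP_RESPONSE = "If this address is eligible, a verification email has been sent."


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


# A fixed dummy credential: unknown emails still pay for a full PBKDF2 run, so the
# response time no longer separates "no such account" from "wrong password".
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash_password(os.urandom(16).hex(), _DUMMY_SALT)


class UserStore:
    def __init__(self):
        self._users = {}  # normalized email -> (salt, pbkdf2 hash)

    def register(self, email, password):
        salt = os.urandom(16)
        self._users[email.strip().lower()] = (salt, _hash_password(password, salt))

    def lookup(self, email):
        return self._users.get(email.strip().lower())


def login(store, email, password):
    """Returns (ok, message). The message is identical for an unknown email and a
    wrong password, and the hash is always computed before the decision is made."""
    record = store.lookup(email)
    salt, expected = record if record is not None else (_DUMMY_SALT, _DUMMY_HASH)
    candidate = _hash_password(password, salt)
    ok = hmac.compare_digest(candidate, expected) and record is not None
    return (True, "OK") if ok else (False, GENERIC_LOGIN_FAILURE)


def signup(store, email, password):
    """Same response whether or not the address is already registered. An existing
    holder would be told by email instead of by the HTTP response (not modelled)."""
    if store.lookup(email) is None:
        store.register(email, password)
    return GENERIC_SIGNUP_RESPONSE


class SlidingWindowLimiter:
    """At most `limit` events per `window` seconds for each key (client IP, session id).
    `clock` is injectable so the window can be tested without sleeping."""

    def __init__(self, limit, window, clock=time.monotonic):
        self.limit, self.window, self.clock = limit, window, clock
        self._events = defaultdict(deque)

    def allow(self, key):
        now = self.clock()
        q = self._events[key]
        while q and now - q[0] >= self.window:
            q.popleft()  # drop timestamps that fell out of the window
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


def guarded_login(store, ip_limiter, session_limiter, ip, session_id, email, password):
    """Rate-limit by IP and by session before touching credentials. The throttling
    answer is keyed only on the caller, so it leaks nothing about the email."""
    if not ip_limiter.allow(ip) or not session_limiter.allow(session_id):
        return (False, "Too many attempts. Try again later.")
    return login(store, email, password)


if __name__ == "__main__":
    store = UserStore()
    store.register("alice@example.com", "correct horse battery staple")
    print(login(store, "alice@example.com", "wrong"))   # same text as the next line
    print(login(store, "nobody@example.com", "wrong"))
```

The dummy hash is what makes the timing normalization real: without it, an unknown address returns before the expensive hash runs and the gap is measurable over the network. In production the limiter state lives in a shared store rather than process memory, and the bot score mentioned in the post would be an extra key alongside IP and session.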
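The verification-flow and Trial-creation fixes (one-time tokens with fixed expiry, strict origin checks, reworked CSRF tokens and SameSite=Strict cookies) as one runnable sketch. This is an added example, not Genians' code: the 15-minute TTL, the allowed-origin list, the cookie attributes and the status tuples are assumptions; my.genians.com is used only because the post names that host.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass
from urllib.parse import urlsplit

# Added example (not Genians' code). The TTL, the allowed-origin list and the cookie
# attributes are assumptions; my.genians.com is only the hostname named in the post.
TOKEN_TTL_SECONDS = 15 * 60
ALLOWED_ORIGINS = {"https://my.genians.com"}


@dataclass
class PendingVerification:
    email: str
    expires_at: float
    used: bool = False


class EmailVerification:
    """One-time verification tokens: 256-bit random, stored only as a SHA-256 hash,
    fixed expiry, consumed on the first successful redemption."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self._pending = {}  # sha256(token) -> PendingVerification

    @staticmethod
    def _key(token):
        return hashlib.sha256(token.encode()).digest()

    def issue(self, email):
        token = secrets.token_urlsafe(32)
        self._pending[self._key(token)] = PendingVerification(
            email, self.clock() + TOKEN_TTL_SECONDS)
        return token  # goes into the emailed link; never logged or stored in clear

    def redeem(self, token):
        """Returns the verified email, or None for unknown, expired or reused tokens."""
        rec = self._pending.get(self._key(token))
        if rec is None or rec.used or self.clock() > rec.expires_at:
            return None
        rec.used = True
        return rec.email


def origin_allowed(headers):
    """Strict origin check: require Origin (Referer as fallback) and match scheme+host exactly."""
    raw = headers.get("Origin") or headers.get("Referer")
    if not raw:
        return False
    parts = urlsplit(raw)
    return f"{parts.scheme}://{parts.netloc}" in ALLOWED_ORIGINS


class TrialCreation:
    """Synchronizer-token CSRF protection for the Trial creation endpoint, plus the
    cookie attributes that make the session cookie SameSite=Strict by default."""

    def __init__(self):
        self._csrf = {}    # session id -> csrf token
        self.created = []  # emails for which a Trial was actually created

    @staticmethod
    def session_cookie(session_id):
        return f"session={session_id}; Secure; HttpOnly; SameSite=Strict; Path=/"

    def csrf_token(self, session_id):
        return self._csrf.setdefault(session_id, secrets.token_urlsafe(32))

    def create(self, session_id, headers, form):
        if not origin_allowed(headers):
            return (403, "bad origin")
        expected = self._csrf.get(session_id)
        supplied = form.get("csrf_token", "")
        if expected is None or not hmac.compare_digest(expected.encode(), supplied.encode()):
            return (403, "bad csrf token")
        self.created.append(form["email"])
        return (201, "trial created")
```

Two details matter for the bypass and pollution cases the post describes: the token is looked up by its hash, so a database read never yields a usable link, and a redeemed token is marked used before the email is returned, so a replayed link from a mailbox or proxy log fails. The Origin check runs before the CSRF check so a cross-site POST from another origin is rejected even if an attacker somehow learned a token.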
How Attackers’ Movement Reshaped Our Onboarding Architecture
Bug Bounty exposed behaviors that internal testing rarely reveals.
- Normal users log in a handful of times. Attackers log in thousands of times.
- Normal users use one email. Attackers try millions of random strings.
- Normal users follow documented flows. Attackers chain endpoints and explore beyond interface boundaries.
These behavioral differences exposed structural gaps not because our product was weak, but because real attackers do not use the system the way we expect.
We treated these findings not as failures, but as signals to redesign flows and strengthen assumptions.
From Discovery to Fix to Structural Redesign
Every valid report follows a consistent triage loop:
- Reproduce
- Analyze impact
- Apply a hotfix or temporary control
- Define a structural improvement
- Deploy
- Update anti-regression rules
This loop ensures that improvements affect not just an individual endpoint, but the entire onboarding architecture. New users now experience a more stable and predictable Trial flow because of these refinements.
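The cascade-deletion fix listed earlier and the "update anti-regression rules" step of this loop fit together: the deletion walks owned resources in dependency order, and an orphan check runs afterwards so the original leak cannot quietly return. This is an added example, not Genians' code; the resource kinds, the ownership model and the sample data are assumptions for illustration.

```python
# Added example (not Genians' code). The resource kinds and the ownership model are
# assumptions for illustration, not Genians' real schema.

# Children first, the account row last, so a failure part-way through never leaves
# resources pointing at an owner that is already gone.
DELETION_ORDER = ["cloud_artifact", "cache_entry", "trial", "account"]


class ResourceRegistry:
    def __init__(self):
        self.resources = {kind: {} for kind in DELETION_ORDER}  # kind -> {id: owner}

    def add(self, kind, resource_id, owner_account):
        self.resources[kind][resource_id] = owner_account

    def delete_account_naive(self, account_id):
        """The 'before' behaviour: only the account row goes away."""
        self.resources["account"].pop(account_id, None)

    def delete_account_cascade(self, account_id):
        """Delete everything the account owns, in dependency order, then the account."""
        removed = []
        for kind in DELETION_ORDER:
            for rid, owner in list(self.resources[kind].items()):
                if owner == account_id:
                    del self.resources[kind][rid]
                    removed.append((kind, rid))
        return removed

    def orphans(self):
        """Anti-regression check: every resource whose owner no longer exists."""
        live = set(self.resources["account"])
        return [(kind, rid)
                for kind in DELETION_ORDER if kind != "account"
                for rid, owner in self.resources[kind].items()
                if owner not in live]


def build_sample_registry():
    """Constructed sample data: two Trial accounts, one with a cache entry and a cloud VM."""
    reg = ResourceRegistry()
    reg.add("account", "acct-1", "acct-1")
    reg.add("trial", "trial-1", "acct-1")
    reg.add("cache_entry", "license:trial-1", "acct-1")
    reg.add("cloud_artifact", "vm-trial-1", "acct-1")
    reg.add("account", "acct-2", "acct-2")
    reg.add("trial", "trial-2", "acct-2")
    return reg


if __name__ == "__main__":
    reg = build_sample_registry()
    reg.delete_account_naive("acct-1")
    print("orphans after naive delete:", reg.orphans())
    reg = build_sample_registry()
    print("removed by cascade:", reg.delete_account_cascade("acct-1"))
    print("orphans after cascade:", reg.orphans())
```

Run as a scheduled job against real inventory, `orphans()` is the regression rule: a non-empty result after any deployment means some new resource kind was added without being wired into the cascade.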
Bug Bounty Is Not a Cost – It Is a Trust Engine
There is a common fear that Bug Bounty makes a system look filled with issues.
Reality is the opposite.
Through the program, we:
- Identified hidden threat vectors early
- Improved data integrity across systems
- Stabilized the Trial to POC conversion flow
- Built a sustainable feedback loop with external researchers
Bug Bounty does not degrade quality. It proves it.
What Comes Next
We will continue expanding the program with:
- Automated detection of Trial abuse patterns
- Deeper telemetry on authentication and signup flows
- Ongoing refactoring of onboarding logic
- Closer collaboration with external researchers
- Increased automation in process-level security testing
Our goal is clear:
Every step before using a Genians product should run on measurable, predictable, and transparent trust. Bug Bounty is one of the most effective ways to build that trust, and we will keep investing in it.
Challenge us!