Case Study: Zoom achieves continuous, scalable attack-surface protection with Bishop Fox's Cosmos

Zoom Secures their Rapidly Expanding Attack Surface with Cosmos

Zoom, the video-first communications platform, faced explosive growth (from 10M daily meeting participants in Dec 2019 to 300M in Apr 2020 and ~265,400 business customers) that created a rapidly expanding and complex attack surface—roughly 250K new customer-created subdomains. To add continuous, scalable security testing to their program, Zoom engaged Bishop Fox and its Cosmos (formerly CAST) platform to gain ongoing visibility and prioritized risk insights.

Bishop Fox used Cosmos plus hands-on red-team expertise to map roughly 500K internet-facing targets, validate findings with proof-of-concept exploits, and prioritize actionable remediation for Zoom’s security team. As a result, Zoom patched five critical/high-risk issues within hours of discovery, reduced the risk of misconfigurations becoming public, and continues to rely on Bishop Fox for continuous attack-surface mapping and risk validation.

Zoom