Case Study: Cake achieves faster vulnerability fixes and greater security transparency with Intigriti bug bounty programs

How Cake uses bug bounty programs as a tool for security transparency

Cake is a free, independent banking app that aggregates users’ accounts and processes sensitive data from ~140,000 bank accounts (150M transactions, €36B total). To keep user data continuously safe and uphold its privacy-first values, Cake launched bug bounty programs on the Intigriti platform to invite continuous, community-led security testing.

Using Intigriti, Cake runs a public program for its consumer app and a private program for back-end systems (with vetted researchers and shared test credentials). Intigriti’s community (90,000+ researchers) helped uncover several vulnerabilities that Cake fixed quickly, improving visibility into its attack surface, speeding remediation, and enabling detailed researcher reports and re-tests to validate fixes.

Cake

Pieter Schelfhout

Co-Founder