#136: Website security for bootstrappers

Security audits! Bug bounty programs! Frequent unsolicited pen-testing! When you put a website on the Internet, it almost immediately faces non-stop security attacks.

Ed and I discuss the ways we handle this within the resources available to us as bootstrappers.

Thanks to EmailToolTester who sponsored this episode. Find which email newsletter service actually reaches your customers with EmailToolTester’s deliverability report.

You can also listen to and download this episode here.

This episode was right on time. With one app we just entered a formal, third-party-run bug bounty program. Before we did that, we hired security researchers to do a review. As it’s in a specialized technical niche, we needed qualified researchers to do that. Surprisingly, the security review was in the hundreds of USD only, and helped a lot in shoring up security.
The idea about the responsible disclosure policy is good to know.
