How OneMount Group Uses Managed Bug Bounty For Application Protection?

Managed Bug Bounty helps OneMount Group enhance the overall security posture of Vinshop & VinID applications while ensuring customer data safety.

About OneMount Group

September 19, 2019 – OneMount Group (1MG) was established with the vision of advancing Vietnamese economic development by building a technology infrastructure platform for businesses. Thereby, they help businesses create and enhance value for consumers with more cost-competitive products and services. In addition, 1MG is committed to building a strong and sustainable Vietnamese enterprise, providing a conducive environment to nurture and foster startups in the future.

The goal of 1MG is to create Vietnamʼs largest technological ecosystem, providing solutions and services along the entire value chain in the financial services, distribution, real estate, and retail sectors.

With its professional business administration and robust financial backing, 1MG has a competitive edge in attracting and retaining talented Vietnamese individuals from all over the world. This will be a place to connect people and businesses through a combination of technology platforms and financial solutions, offering a seamless digital life experience for the Vietnamese.

Challenges

“Even with abundant financial resources, there are still numerous challenges in recruiting, building, and maintaining a well-suited security team.” – Mr. Nguyen Thanh Tung, Head of Product Security, OneMount JSC

Over the past few years, the wave of digital transformation has been significantly impacting traditional businesses in Vietnam, exposing them to numerous risks and challenges in cyberspace.

In reality, the emergence of security vulnerabilities is inevitable during the development of technology products. The key is to control and address them in a timely manner. Instead of waiting and fixing flaws on a finished product, OneMount Group aims to focus on developing products with good security architecture from the beginning, which helps to minimize the number of vulnerabilities, save costs and resources for repairs, and optimize the product development process.

However, focusing solely on the initial design phase presents a significant challenge for OneMount, especially when they need to swiftly develop products to gain a competitive edge in the market. Furthermore, the company’s in-house security team has insufficient capacity to meet such goals, nor can halt production to fix any flaws in the products before re-release.

“In Vietnam, organizations face a considerable obstacle when it comes to recruiting cybersecurity professionals. Despite the growing demand, the workforce in this sector remains restricted, especially the scarcity of highly skilled individuals.” according to Mr. Nguyen Huu Trung, Founder & CEO of CyStack.

To ensure both product safety and rapid market access, OneMount Group has adopted crowdsourced security – a harmonious combination to tackle security vulnerabilities throughout the entire product development process.

Solutions

“I believe it would be better if businesses had a professional in-house security team. However, this is sometimes not feasible in the current context of personnel shortage. Therefore, an alternative approach would be to leverage crowdsourced security.” – Mr. Nguyen Huu Trung, Founder & CEO CyStack

Recognizing the challenges at hand, OneMount Group has sought CyStack’s support with Managed Bug Bounty solution to address outstanding issues.

We connect OneMount with the global security community through WhiteHub – the 1st and the biggest crowdsourced security platform developed by CyStack in Vietnam. Instead of seeking and recruiting talented security personnel for its internal team, CyStack helps OneMount take advantage of the community power to identify and address vulnerabilities in a timely and efficient manner, while also improving its security posture and reducing the risk of cyber attacks and data breaches.

“External experts are highly proactive and possess extensive knowledge of different security vulnerabilities, enabling them to timely and efficiently identify such weaknesses. As a result, the internal security team can concentrate on addressing product-related security issues as quickly as possible before the products are released to the market.” – said the OneMount representative

By leveraging the experienced expert community, OneMount quickly identified vulnerabilities in its web and mobile applications. This enabled the business to timely address critical security issues, safeguarding both its applications and customer data. Additionally, CyStack’s services helped OneMount save time and costs in identifying and addressing security vulnerabilities.

Results

Final Thoughts

Crowdsourced security has become an inevitable trend of modern security to address the challenges posed by cybersecurity threats, especially in companies having fast product development.

Using Managed Bug Bounty enables the IT team to focus on their primary role in the business. Instead of testing and identifying vulnerabilities, they can concentrate on designing secure systems and providing secure architecture consultations internally, reducing the risk of cyberattacks by 80%. This approach also saves businesses on security expenses, freeing up their resources to invest in product and service development.