Okta

Looking for Okta Logos?

You can find all the media assets you need as part of our press room.

Download Media Assets

Growing the Hive: Strengthening Okta’s Security with Bugcrowd

David Baker
Chief Security Officer

Customer success is our number one company value at Okta. For my security team, that translates directly to customer security and assurance: continually demonstrating to customers how we keep their data safe and secure. Today, we announced another big step in how we protect our customers’ data with the launch of a public bug bounty program with Bugcrowd. Through the program, we are able to mobilize Bugcrowd’s crowd of more than 40,000 cybersecurity researchers to further enhance the security of the Okta Identity Cloud.

Bugcrowd connects organizations to tens of thousands of security researchers from around the world to identify and address vulnerabilities in applications, devices and code. We started working with Bugcrowd through a private bug bounty program, which we used to validate the security work we were doing internally. Bugcrowd quickly became an integral part of our overall security program, and we were able leverage “the crowd” to quickly scale up our team and work, improving response time and increasing transparency. By moving to a public program, we can now take advantage of the full talent and resources of Bugcrowd’s curated group of researchers, enabling my team to further focus their assessments on the critical early stages of product design and development.

Ultimately, we believe vulnerability discovery is a crucial step all software vendors should be taking. As a cloud service, Okta is inherently a security service, and we’ve striven to obtain the most rigorous security standards: last year, we achieved ISO 27001 certification, and we were the first and only IDaaS company to achieve the Cloud Security Alliance (CSA) Security, Trust, & Assurance Registry (STAR) Level 2 Attestation. Companies trust us with their data, and we provide them — as well as their employees, partners, contractors and customers — with the ability to access it seamlessly and securely. Without this trust, we can’t do what we do, so it is essential we take that data and protect it with the utmost means necessary. Bugcrowd is another powerful tool in our toolbelt that helps us do that.

David Baker
Chief Security Officer

David Baker is the Chief Security Officer at Okta. As CSO, David is responsible for the security of Okta’s service, helping the company focus on customer success by solving the security challenges enterprises face as they evolve operations into the cloud.

Prior to Okta, David served as the Vice President of Services at IOActive, the Security Architect at Webex Communications, and a Network Engineer at Loudcloud. David also has experience as a research scientist at NASA Ames Research Center, bringing to Okta over 15 years of experience in enterprise data security, information technology and government computer research industries.

David earned his bachelor’s degree in mechanical engineering at California State Polytechnic University-Pomona and his master’s degree in aeronautical engineering at California Polytechnic State University-San Luis Obispo. David also enjoys competitive cycling and running.

Follow David Baker