Fintech Paymob partners with Yogosha for its bug bounty

Paymob joins forces with Yogosha and becomes the first Egyptian fintech to have a bug bounty program to strengthen its digital security.

Paymob offers innovative payment solutions for online businesses, and is now a leading fintech in Egypt and the MENA region. But success comes at a price: increasing digital risks. In addition to being a leader in its market, Paymob must also be a forerunner in cybersecurity. And since actions always outweigh words, Paymob is becoming the first Fintech in Egypt to adopt a bug bounty program.

"We transfer people's money, so we need people's trust. Everything is built on trust, which is about security. Everything else comes second.”

– Mostafa Menessy, Paymob Cofounder & CTO

 

Bug bounty, an additional security layer for Paymob’s systems

For Paymob, bug bounty is an additional security module that reinforces the internal Red Team, as well as the various security tests already in place. The bug bounty is part of an already mature security environment and processes, and will take place from the pre-production phase. In order to identify vulnerabilities that may have slipped through the cracks, it is therefore imperative for Paymob to involve particularly skilled talents. This is where Yogosha has become an obvious partner.

 

Yogosha elite hunters, a reinforcement for Paymob's internal offensive team

Yogosha’s community is private and selective. It gathers only the best elements of the ethical hacking scene. Only 20% of the candidates are selected after our very strict entrance tests, which are a guarantee of efficiency for our clients and partners.

Paymob's internal security teams will be in direct contact with the hunters, from the identification of a vulnerability to remediation and verification. It is therefore essential for Paymob to ensure qualified interlocutors in order to increase reactivity and reduce noise. Here again, the elitist nature of the Yogosha community was a determining factor.

“Our skilled offensive team is trained to deal with the digital threat landscape. They conduct many rounds of penetration testing on our internal environments and applications. What we expect from Yogosha's hunters is to find critical vulnerabilities that we may have missed. For our part, we are committed to welcoming them and providing the best triage experience in terms of response time, respect and expectations.”

– Mohamed Sadat, Paymob Head of Information Security

 

Promoting crowdsourced security in Egypt and the MENA region

With this partnership, Paymob becomes the first Egyptian fintech to embark on the bug bounty adventure. Proud of their roles as leading companies in their respective fields, Yogosha and Paymob hope to democratize the practice of bug bounty in Egypt and the MENA region.

“Here at Paymob, we don't just meet the minimum standards and compliance requirements. We need to be a cybersecurity role model for the Egyptian market as well as for the MENA region, so that others will follow us. Better security is only achieved as a whole.”

– Mostafa Menessy, Paymob Cofounder & CTO

Curious about the bug bounty adventure? Contact us and receive your first vulnerability reports in a few hours.