Application-level encryption by default
Intigriti’s application-level encryption ensures that all data is encrypted from the moment it enters our servers. This mechanism is not limited to bug bounty customers but applies to all clients using our services. A 512-bit master key is used to generate subkeys for specific uses, which are rotated every 30 days. NIST’s Recommendation for Key Derivation Using Pseudorandom Functions (PDF) is also used in this process to enhance the security of the encryption further.
Multi-layered protection
Every security vulnerability submitted to the Intigriti platform is encrypted on multiple levels, including submission, company, and user. Encrypted variants of the submission key are available for every researcher, and the process for decrypting and viewing the submission involves retrieving the user key, decrypting the submission key, and decrypting the content.
For customers, there is another variant of the submission key that is encrypted with the company key, which every company member has a copy of and needs to decrypt with their user ID. The decryption process involves retrieving the encrypted company key, retrieving the user key, decrypting the company key, decrypting the submission key, and finally decrypting the submission content.
FIPS 140-2-certified Google Cloud Hardware Security Module (HSM) is used for encryption in the database. The 512-bit root key is encrypted, and access to it is restricted by the HSM’s security features. An assailant would need to have cloud environment access to the HSM or take over the entire Google HSM service to obtain the root key. Additionally, an attacker would still need to obtain the submission keys stored in the database to decrypt the content.
Responsible data handling
Intigriti takes its responsibility in keeping customer data secure seriously, and our application-level encryption sets us apart from the competition. When it comes to compliance, Intigriti’s data destruction process is quick and effective because once the encryption keys are deleted, the customer data is rendered useless.