We consider that the Bug Bounty is mandatory for any company that wants to maintain a good security level. You need to be in a reactive and proactive security, especially when you’re a SaaS solution with fast evolving code. Jenji does about 30 releases per month, regressions and differences from one API to another are possible. This is why we chose to do Bug Bounty with Yogosha : we wanted to benefit from the offensive mindset, and to understand how to exploit the system from outside.