CloudQix hosted its first Security Hackathon (May 17-19). The goal was simple: open our no-code integration platform to outside testers and invite them to challenge its security assumptions before public launch.
We’d like to thank everyone who participated. The creativity and professionalism of the security community were on full display, and the feedback we received helped us strengthen the platform ahead of release.
Summary of Findings
- Multiple valid submissions were reviewed by our engineering team
- Issues ranged from low to high severity, including access control validation, input handling, and interface behaviors
- The most critical item, related to authorization logic, has already been resolved
- Additional improvements have been made to hardening, input validation, and UI responses based on the findings
What We’re Doing Next
- Fixing all Medium and High Impact issues before the Early Access launch
- High-impact vulnerabilities have already been patched
- Medium and low-priority issues are being addressed in the current sprint
- Internal security controls and review processes are being updated to reflect what we learned during the event
Acknowledgment
We want to specifically recognize Charles DeBord and Tarek Soufi for their standout contributions. Both submitted well-documented, high-impact findings that led directly to platform improvements.
Thank you again to everyone who participated. Events like this help us build a more secure product and reinforce our commitment to continuous improvement.