XUND is a health tech company that enables healthcare providers to digitize the patient journey and translate unstructured data into actionable insights. Founded in Vienna, in 2018, the scale-up covers the entire patient journey and enables digital interactions from prevention to diagnosis and monitoring. Their API is certified as a class IIa medical device in accordance with the EU Medical Device Regulation (MDR) and their technology is used as the first digital point of contact by leading insurance companies, hospitals, and pharmaceutical companies.


Prioritizing security is a must to build trust in healthcare


Building trust is paramount in the health tech industry. Patients increasingly demand reassurance as unsecured devices and data breaches pose significant threats in today's healthcare landscape.

Recognizing these critical challenges, the XUND team knew they needed to prioritize security from the ground up. Instead of waiting for attacks, they sought a partnership with a reliable ethical hacking company to ensure the security of their API and foster trust with patients and partners in the healthcare ecosystem.

Continuous cybersecurity testing integrated into the development pipeline

XUND initiated a collaboration with Hackrate to try their PTaaS offering. This initial engagement focused on comprehensive penetration testing for one month to ensure minimum guaranteed security testing coverage. To complement this effort, the Hackrate team also used HackGATE to monitor pentester activity and provide advanced insights into the testing process in real time.

Impressed by the positive outcomes, XUND opted to extend their collaboration with Hackrate into a continuous, private bug bounty initiative, integrated into their development lifecycle. To facilitate this integration, XUND and Hackrate established a test environment, following this approach:

  1. Building a testing environment

    XUND’s IT team built a dedicated testing environment where they deploy code, before pushing it to live production.

  2. Reporting and fixing vulnerabilities

    Hackrate’s skilled ethical hackers thoroughly test code in the test environment and report any vulnerability found directly to the security team so they can fix it before it goes live.


This preemptive approach ensures that only secure applications reach end users and offers peace of mind to the XUND team. By proactively addressing vulnerabilities, they foster a secure environment for both patients and healthcare providers.

“The hackers found a critical vulnerability in our system — luckily they were ethical hackers we hired to look for it! This is why private bug bounty programs are great: you can work with a global team whose sole job is to uncover any security vulnerabilities you might have before malicious hackers do.”

Mark Vinkovits

Mark Vinkovits
Head of Data Protection, XUND

Hackrate enabled XUND to enhance trust through proactive security

By adopting a proactive approach to security through PTaaS and continuous integration of security testing, XUND demonstrates a commitment to building and maintaining a trustworthy and secure development environment.

Partnering with Hackrate brought significant improvements for the company, such as:

  • Improved clarity

    Hackrate’s bug bounty provided XUND with a clear and detailed picture of their security posture, allowing them to make informed decisions about how to fix vulnerabilities.

  • Improved control

    The collaboration empowered the team to have greater control over the security testing process, enabling them to tailor the testing scope and schedule to their specific needs.

Impressed by the efficiency of the bug bounty program, the XUND team is adding Hackrate’s managed VDP to their security strategy to enhance their security posture further.

"Partnering with Hackrate for continuous security testing enables us to provide trustworthy services for our partners, and ensures that our software is always hardened against hackers."

Mark Vinkovits

Mark Vinkovits
Head of Data Protection, XUND

Robot illustration

It’s time to integrate bug bounty and vulnerability disclosure into your cybersecurity strategy.

Leverage Hackrate's global community of ethical hackers as an assurance against software bugs.

We {-}elp you

Our platform helps companies to identify software vulnerabilities in a cost-efficient way. It provides a secure and centralized view of ethical hacking projects for your company.

Hiventures Capterra G2 Rating

Hackrate Ethical Hacking Platform |
2024 ©

Széchenyi2020 infoblokk