🎉 Offering full Bubble app audits for... $1!

Hey everyone!

• a recruitment portal fully exposing the names, addresses, application questions, responses, and more, of over 300,000 users
• a VC funded B2B app leaking sensitive pricelists and company data to competitors
• a creative business leaking children’s names, addresses, and sensitive info (including adoption status!)

These are just a few of the issues we’ve found when we’ve audited dozens of Bubble apps over the past year. Don’t want to be one of them?. My agency, Not Quite Unicorns, has been quietly offering audits in order to refine our product offering and meet new clients.

We’re happy to announce that for a limited time, we’ll be completing full app audits for $1!

Why, how?!

We recently became a Certified Silver Tier Agency, after launching only one year ago. This was only possible because of the great value our team provides to our clients. Now, we want to meet more people with existing apps that could benefit from an audit. Nothing frustrates me more than seeing apps developed by founders, freelancers, and even agencies that are spewing user data for the world to see!

We’ve written lots of (I think) helpful posts here, including how to protect your payment logic, the public parts of your Bubble app that you didn’t even know about, and more.

What kind of stuff do you look at?

Almost all apps have at least one critical vulnerability, often publicly exposing user data, allowing payment exploits, and more. Bubble doesn’t shove security down your throat, but that doesn’t make it unnecessary. We don’t just look at security - we look at your whole app from three perspectives:

• security (exploits, data protection)
• performance (WU, browser speed, database structure, and editor techniques)
• user experience (can we understand your app, as a new user?)

What you get

After you’re audit, we’ll send you a full document with a detailed list all of the issues we were able to identify. In addition, each issue contains a brief description of the fix, so that you can fix it yourself or with any developer. Our audits come with clear, prioritised recommendations and next steps so that you can continue your app’s development, with another developer or with us.

How to get your audit

You can order straight from here, or if you have more questions about our offering, visit our audit information page. Audits are turned around within 48 hours. Use the coupon code SILVERAUDIT on checkout. We’re only able to view test data (unless, of course, your data is publicly available), and are not able to edit your app at all. We are also able to sign an NDA, which you can submit in the order form.

Here’s what a few of our past audit clients had to say, and you may recognise some of their friendly faces (or avatars!) from here!

testimonials1200×1600 181 KB

Incredible offer @georgecollier

Still on development for now but i hope i’ll be able to do that with you before the launch of my project !

this is a superb deal. looking to order soon

Hey all, this offer is still on the table!

Did you know that 11.5% of live Bubble apps have public editors, allowing anyone to read data and run as live users (including admin users) and in some cases, edit the app and deploy to live?

That increases to 15.3% for apps built by agencies!

You can make sure that’s not the case for your app by going to Settings → General → ‘Define who can see and modify the app’ → Private.

CleanShot 2024-06-22 at 11.58.49@2x2818×454 34.5 KB

I got a discrete message from George advising that an app I had previously worked on had the Editor open. Oh dear - I contacted the owner, they were pleased to know and correct it.

Thank you @georgecollier for letting me know. Now we all look like good guys, and Bubble is more secure.

I’d suggest getting in touch with George if you have any doubts and protect your own and the ecosystem’s reputation.

Just to be clear - It wasn’t me who opened up the Editor … I suspect the app owner did it ill-advisably for another freelancer …

Hi @georgecollier

Thanks so much for putting this offer out there

Quick question, how long will this be available for? I am really interested but am not done with my application just yet.

As long as the volume of new work justifies the audit price (of course it costs us more than $1 to do an audit, but we can mostly pay for that as some clients will continue to work with us in future because they can see we know their app inside and out). There’s never any obligation to continue with us - the issues identified all have solutions described too, so you can do it yourself, or with another developer, but we do a great job hence lots choose to work with us and this is a great way to meet people!

Ah, I see. Okay well hopefully it is still available a little further down the line. Either way, I think it is really great what you’re doing, so thank you regardless.

For anyone on the fence about this, DO IT! George & his team have been fantastic! They did an audit on my project and it was way more thorough than I was expecting, covering security, performance, UX & a summary section with a couple most important actions they believed I should take first. I ended up moving forward with them on their monthly plan and it has been AMAZING! I can’t keep up with how quick they are. So thankful I found them!

Thanks for much for the feedback Jessica! We’re really enjoying working on your app.

If anyone’s else is ordering, could you kindly not use the ‘order straight from here’ link on this forum post and instead go to Not Quite Unicorns | Unlimited web development and order from there? I can’t edit the link in the original post here as it’s too old

As a skeptic by nature, I rarely expect much from services like this, but the audit provided by George and his team is worth its weight in gold. There’s truly nothing to lose by giving it a try.

George is a true expert, with extensive knowledge and experience. His team consists of senior developers based in both the US and UK, meaning you’re not paying senior rates for junior-level work who located elsewhere.

What really stands out is his honesty, transparency, and extremely fair pricing for the quality of service you receive.

My only regret is not finding his agency sooner. I’ll be recommending his services to everyone I know

Haha, it used to be $89 by default (still a steal!) so took off $88. Now no discount code is needed I doubt the $1 would’ve broken me but thank you!

Happy to help you! Without going into app specifics publicly, this client’s marketplace project was delivered by a Gold tier agency without any privacy rules configured (so entire database public) and attached almost all data to the User data type, among many other issues.

They were able to send our audit back to the agency that delivered it and are now making them set up the basic security practices and improvements that should’ve been delivered in the first place.

@georgecollier and of course the agency is no longer gold I presume? Or once gold, always gold? No matter how bad the products they deliver?

Iam interested

Gold tier has nothing to do with quality, it’s only about size and amount of money they contribute to bubble…of course nobody would expect that when bubble uses terms like gold, silver and bronze instead of the more relevant Large, Medium and Small

** @boston85719 ** you’re truly a gem in this community! Your unique perspective and skills shine through in every post. When you share your thoughts, it’s always on point and incredibly insightful.

I always look forward to your posts because your replies are not only clear but also packed with something valuable to learn. The way you articulate Bubble-related terms and concepts is exceptional. Thank you for being such a great contributor to this community!