At Flusk, we are working on the security of Bubble applications.
We did a lot of security audits, and we finally managed to automate 90% of them internally. So we will soon release a security tool to do automated audits on Bubble applications.
Here are some of the points we cover:
- Privacy rules checker
- Swagger / Editor privacy
- Bad redirections / Compromised page access
- Admin injections
- URL parameter brute-forcing
- Cookie exploit
- XHR requests crawler / Misconfigured do a search
- Sensitive URL parameters, headers and URLs in APIs
And some of the already integrated features:
- Automated test when pushing a version live
- Multi-branch/version support
- Unlimited tests
- Complete explanations about issues and solutions
- Full support through chat and video call
We need beta testers (agencies, freelancers and developers) to help us build the product hand in hand with our users and to know how we can best integrate into their app production processes.
If you want to help us make the Bubble ecosystem more secure, feel free to reply and we’ll invite you to our private Alpha so you can test and give us your feedback.
Otherwise, we’re planning on releasing the tool for an open beta by March 2023!
We’ll post updates here as we move forward with the tool.
See you soon!
Victor from Flusk