Building a SaaS as a solo founder. Enterprise companies have security teams, pentests, bug bounties. We have... hopes and prayers?
Curious how others approach this:
- Do you do any security testing before launch?
- Ever had a vulnerability reported? How'd it go?
- Bug bounty programs seem overkill for small products or are they?
Not looking for "just use Auth0" type answers. More interested in the practical stuff indie devs actually do (or skip and regret).