The platform integrates directly with customer relationship management (CRM) systems to enrich contact information with 200+ highly accurate business attributes, and flags new contact information in real time if prospects change jobs or get promoted.

Google Partnership and Commitment to Security

A critical piece of the Apollo.io user experience is driven by its integration with Google. Using Apollo for Google Chrome, sales teams can easily perform research on their target customers and build intelligent workflows on their existing customers, such as uncovering technology stacks, revenue, open job postings, and more. The Chrome extension also allows users to compose emails within Gmail, while toggling on Salesforce activity logging, and tracks when those emails are opened.

With some of the largest enterprises in the world integrating the Apollo.io platform with their CRM and email systems, the company makes security and data privacy its top priority. In addition, Apollo must meet certain security requirements set by Google to confirm that it’s securely handling Google user data, as well as conduct annual penetration tests to satisfy its ISO-27001 and SOC 2 compliance mandates.

“It’s very important for us to ensure we serve our customers in the most secure way and to protect ourselves from any malicious hackers.”

— Ray Li, Apollo Co-Founder and Chief Technology Officer

Engaging the Experts

Bishop Fox is one of a handful of security vendors approved by Google to participate in its security program. Since Google first introduced the mandatory assessment in 2019, Bishop Fox has evaluated more than 200 organizations and delivered an NPS Score of 100 on all its Google Partner Security Assessments conducted in 2021.

Apollo had worked with another vendor to perform its Google security assessments in the past, but when it wanted a firm that would be timely and more communicative, its search led them to Bishop Fox.

“We found Bishop Fox to be prompt and more responsive than other providers we have worked with.”

— Ray Li, Apollo Co-Founder and Chief Technology Officer

Apollo engaged Bishop Fox to assess the security of its application, external perimeter, and Google Cloud Platform (GCP) environment, as well as review its responses to Google’s required self-assessment questionnaire (SAQ).

The goals of the engagement:

• Assess the overall security of the Apollo.io application
• Identify vulnerabilities on systems and services exposed on the external network
• Perform a time-limited cloud security review of the GCP environment
• Verify that Google requirements are met and identify missing policies, defensive mechanisms, or processes that could threaten the global security posture of the organization and be used to access Google user data

Streamlined Process for ‘Speed of Light’ Remediation

From the project kickoff meeting to the delivery of the report, the process wrapped up in an efficient, three weeks-time. The engagement consisted of an application penetration test, external penetration test, cloud security review, and evaluation of Apollo’s SAQ responses.

During the application assessment, the Bishop Fox team discovered a cross-site scripting (XSS) vulnerability that could permit an attacker to inject arbitrary script code into a victim’s web browser. The team also determined that the Apollo.io password requirements were weak.

With Bishop Fox’s straight-forward recommendations and strategic considerations, the Apollo team successfully remediated these issues in less than a week. As a result, they not only satisfied Google’s requirements, but also ensured better security for their customers.

“We would definitely recommend Bishop Fox to other Google partners because they are very responsive and responsible. The pen test is very good, and the process is streamlined. We received solid actions to take after the assessment.”

— Ray Li, Apollo Co-Founder and Chief Technology Officer

About Apollo

Apollo.io is a leading data intelligence and sales engagement platform trusted by 168,000 companies and more than one million users globally, from rapidly growing startups to some of the world's largest enterprises. The platform integrates directly with CRM platforms so B2B sales professionals can find the right buyers at the right companies at the right time.