Case Study HubSpot Case Study
Industry:
SaaS
Company Size:
8000+
Location:
Global
HubSpot is an AI-powered customer platform that connects businesses’ marketing, sales, and customer service teams with the tools and resources they need to grow better. With over 248,000 customers and a global footprint spanning 14 offices, cybersecurity isn’t just a priority— it’s the foundation everything else builds upon.
About HubSpot
HubSpot is an AI-powered customer platform that connects businesses’ marketing, sales, and customer service teams with the tools and resources they need to grow better. With over 248,000 customers and a global footprint spanning 14 offices, cybersecurity isn’t just a priority— it’s the foundation everything else builds upon.
That’s why HubSpot takes an “assumed breach” approach to penetration testing to prevent potential risks with the most extensive cybersecurity measures. HubSpot obsesses over providing value for customers. Alongside their numerous annual “Best Software Company” accolades in the areas of customer satisfaction, products, and more, a strong security posture is a cornerstone of what sets them apart in the competitive global SaaS market.
Primary Objective
When partnering with Packetlabs, HubSpot’s primary objective was to ensure the confidentiality of customer data and guarantee access control best practices for their global team.
With over 82% of breaches originating from the cloud in 2025, HubSpot’s cybersecurity team recognized that proactive penetration testing was critical to identify risks. That’s exactly what they partnered with Packetlabs to achieve.
Results
Packetlabs’ 100% tester-driven penetration testing approach uncovered potential hard-to-detect vulnerabilities and exploitable attack vectors that could be exploited. Their detailed, actionable report helped HubSpot’s IT team strengthen its global infrastructure and provided in-depth guidance on staying ahead of evolving cyber threats.
Some pentesting vendors give a list of inconsequential hypothetical vulnerabilities, which they then offer to remediate for an extra fee. Whereby an in-depth “assumed breach” approach allows my team to focus on where we’re vulnerable and to determine where to put our effort–and, because Packetlabs leaves remediation with my team, I can rest assured that their discovered vulnerabilities are both authentic and high-impact.
-Parker McGee, Engineering and Infrastructure Security Lead at HubSpot
Featured Posts
June 12 - Blog
What is an Initial Access Broker?
What is an initial access broker? With the emergence of Ransomware as a Service, operators often rely on initial access brokers to obtain an initial foothold on the network. Learn more today.
May 31 - Blog
New Ransomware Technique Emerges: Fake Ransomware Support
A new ransomware scam uses fake tech support tricking victims into paying for their files back: a novel technique designed to socially engineer victims among a number of fake ransomware attacks.
May 23 - Blog
Attack Surface Mapping for Proactive Cybersecurity
What is the Attack Surface and why does it matter? This article outlines the process of Attack Surface Mapping to ensure a comprehensive and proactive cybersecurity program.
