Case Study HubSpot Case Study
Industry:
SaaS
Company Size:
8000+
Location:
Global
HubSpot is an AI-powered customer platform that connects businesses’ marketing, sales, and customer service teams with the tools and resources they need to grow better. With over 248,000 customers and a global footprint spanning 14 offices, cybersecurity isn’t just a priority— it’s the foundation everything else builds upon.
About HubSpot
HubSpot is an AI-powered customer platform that connects businesses’ marketing, sales, and customer service teams with the tools and resources they need to grow better. With over 248,000 customers and a global footprint spanning 14 offices, cybersecurity isn’t just a priority— it’s the foundation everything else builds upon.
That’s why HubSpot takes an “assumed breach” approach to penetration testing to prevent potential risks with the most extensive cybersecurity measures. HubSpot obsesses over providing value for customers. Alongside their numerous annual “Best Software Company” accolades in the areas of customer satisfaction, products, and more, a strong security posture is a cornerstone of what sets them apart in the competitive global SaaS market.
Primary Objective
When partnering with Packetlabs, HubSpot’s primary objective was to ensure the confidentiality of customer data and guarantee access control best practices for their global team.
With over 82% of breaches originating from the cloud in 2025, HubSpot’s cybersecurity team recognized that proactive penetration testing was critical to identify risks. That’s exactly what they partnered with Packetlabs to achieve.
Results
Packetlabs’ 100% tester-driven penetration testing approach uncovered potential hard-to-detect vulnerabilities and exploitable attack vectors that could be exploited. Their detailed, actionable report helped HubSpot’s IT team strengthen its global infrastructure and provided in-depth guidance on staying ahead of evolving cyber threats.
Some pentesting vendors give a list of inconsequential hypothetical vulnerabilities, which they then offer to remediate for an extra fee. Whereby an in-depth “assumed breach” approach allows my team to focus on where we’re vulnerable and to determine where to put our effort–and, because Packetlabs leaves remediation with my team, I can rest assured that their discovered vulnerabilities are both authentic and high-impact.
-Parker McGee, Engineering and Infrastructure Security Lead at HubSpot
Featured Posts
July 28 - Blog
7 Free and Open Source Tools for Binary Diffing
Reverse engineers rely on binary diffing for malware and vulnerability analysis and more. Here are 7 open-source tools that offer advanced capabilities for analyzing code-level changes in binary executables.
July 16 - Blog
Loader Malware and its Role in the Cyberattack Lifecycle
Loader malware plays a critical role in the middle stages of the cyber attack lifecycle. Explore how attackers use it to import various types of malware in the attacker's environment while evading detection.
July 15 - Blog
The OSI Model's Seven Layers of Cyberattack
Learn the OSI conceptual model and its seven layers to better understand network communications, and plan defensive security operations such as penetration testing campaigns, and threat modelling.
