Milkman UNGUESS Security Bug Bounty solution

Milkman chose to rely on a crowd-based consulting service such as that offered by UNGUESS Security, looking to increase their level of security.

 The latest Clusit Report from 2022 estimates $6 trillion in damages due to cyberattacks. In the last two years alone, not only small and medium-sized enterprises have been affected, but also companies such as Luxottica and Toshiba, as well as Electronic Arts Inc and AxA, to name a few.

The choice of Milkman Technologies to rely on a crowd-based consulting service such as that offered by UNGUESS Security (the ethical hacking service of UNGUESS) aims to send a message to small, medium or large companies looking to increase their level of security. In this vein, crowd-based Penetration Testing and Continuous Cycle Vulnerability Assessment strategies are the most effective and sustainable methods, working closely with businesses to make them invulnerable to attacks.


Milan, April 2022 - 2021 was the year that saw a surge in digitisation processes, but it was also a period in which cyber attacks grew exponentially, with about 10% more than in 2020. According to the 2022 Clusit Report, in 2020, 1871 serious cyber attacks took place, growing by +12% globally. Among the most vulnerable sectors are Automotive (+200%), Research-Education (+128%), Hospitality – Hotels, Restaurants and Residences (+69%), Health (+62%), Institutions (+62%), Cloud Services (+52%) and Consulting Services (+50%)[1].

These figures call for reflection not only on the vulnerability of the individual's privacy, but also on that of companies, their intellectual property and information assets. More worrisome, in fact, are the estimates of the companies affected in 2021: from SolarWinds to Luxottica, as well as Electronic Arts Inc, Toshiba (Tokyo), JBS (Sao Paulo), as well as the car manufacturer Kia (Seoul) and the insurance group AXA (Paris). Many of the world's leading multinationals in various sectors have been breached despite the high levels of cybersecurity adopted.

Objective: to become invulnerable to attacks. Milkman Technologies and the WhiteJar community

Beginning with the pandemic that has accelerated digitalisation with remote working and the current crisis scenario due to the Russian-Ukrainian war, the danger of cyber attacks has increased exponentially, becoming a central theme for corporate managers, from the CEOs to IT Managers, who are today even more committed to finding new forms of defence and protection for company information, as well as customer, supplier and employee data. 

Indeed, in order to defend an organisation against cyberattacks, it is necessary to increase cybersecurity measures: the approach to cybersecurity includes all the security policies in place, the employee training programmes and the security solutions that the company has implemented, from malware to antivirus software. 

How is it possible to increase cybersecurity posture beyond standard Penetration Test services?

Often protection systems are very expensive and many companies choose to rely on more common approaches such as antivirus, firewalls, the use of proxies and the continuous updating of operating systems. However, such systems have a perimeter defence function, that is, they are used to block attacks coming from the outside and along the perimeter. These tools are not always enough and once cybercriminals find a breach in the perimeter, they can freely enter. In addition, many companies underestimate the fact that, in addition to the possibility of breaching perimeter security, it is the employees themselves who have direct access to company information systems.

Setting an example by investing in effective and powerful cybersecurity services and opting to be totally invulnerable is the approach chosen by Milkman Technologies. The technology provider company for the optimisation of home-delivery has chosen UNGUESS Security, to guarantee its customers and staff constant security over time, combining the single and certified expertise of each Ethical Hacker with that of a community that works at the service of companies and public bodies in a continuous cycle, guaranteeing the activation of security campaigns on an ongoing basis. One of the advantages of relying on the community was the speed of activation of the campaign that allowed us, in just 24 hours, from the kick-off call between Milkman Technologies and UNGUESS, to get started with the work and immediately increase the level of protection of the company thanks to the distributed and organised work of Ethical Hackers.


"At Milkman Technologies, safety is of the utmost importance as we need to ensure secure environments for customers and partners who use our technology. We chose WhiteJar because we believe in the power of collective knowledge and consider its crowdsourcing model a virtuous example of dynamic asset mining. A perfect solution to combat the ever-evolving threat of cybercrime. An entire community of brilliant minds is now in charge of protecting our technology, certifying its position among the safest in the sector where we operate," explains Antonio Perini, CEO of Milkman Technologies.

The service designed by Luca Manara, CEO of the innovative SME UNGUESS and Aldo Del Bo', Head of Cybersecurity at UNGUESS, allowed the company to launch a Remediation strategy through a method based on the sharing of collective intelligence.

Whitejar's Ethical Hackers thus work to support the protection systems already activated by the company, with the aim of carrying out an in-depth assessment the health status of the systems, increasing the security level and eliminating areas of vulnerability.

"The Bug Security Bounty service of UNGUESS allows to runPenTests (PT) and Vulnerability Assessments (VA), in parallel to the company's standard integrated protection systems. The community does not want to act as an alternative: if a company needs to test a specific asset at a certain time and has a certain software, it can do so either in a traditional way or by integrating a system such as WhiteJar. Indeed, another of the problems of many companies, in addition to the costs and the lack of internal staff experienced in cybersecurity, is the fact that activating traditional PenTests and VAs is a slow process or in any case not immediate and above all not scalable, therefore not in step with business needs. In addition, PT companies often follow a checklist of items to be tested, while the Bug Security Bounty approach offered by WhiteJar is certainly more proactive and creative," concludes Andrea Nadelle, Cybersecurity Architect at UNGUESS.


[1]Clusit 2022 Report: 


 Milkman Technologies

Milkman Technologies ( offers a technology suite for the organisation of last mile delivery operations. The platform was designed for companies and logistics departments to optimise the planning and execution of deliveries, offering smart appointments and an interactive customer experience, as well as dynamic pricing to modulate consumer habits and operations optimised through hyper-automation and machine learning.
Milkman Technologies was founded in Italy in 2015 by two veterans of route optimisation for commercial fleets. Founded in 2015, the company now has €35 million in funding, international customers and offices across Europe.


Similar posts