Express Google OAuth Security Review

Nylas Announces First-Ever Program to Simplify the Google OAuth Verification Process and Security Assessment for Developers

4 min read

    Today, we are proud to announce a strategic partnership with Leviathan Security Group, a leading Information Security and Risk Management consulting firm. Together, we will be able to provide developers around the world with a simplified certification process for any application that accesses Gmail data. 

    Nylas’ Express Security Review offers Leviathan Security Group’s expert services at the lowest available rates and with priority, white-glove service for applications subject to Google’s OAuth mandatory verification process and security assessment. These services include end-to-end security evaluations and high-end penetration tests that mimic the work of sophisticated attackers to ensure applications that integrate with Gmail data are fully-compliant with Google’s security policies.

    Nylas & Leviathan Security Group: The Backstory

     In 2019, Google modified their security policies to require a step-by-step verification and annual assessment for developers accessing certain types of user data (what Google defines as “restricted scopes“) via the Gmail API. Average cost estimates have historically spanned from $15,000 to $75,000 USD. We’ve heard from our customers that this process can take anywhere from a few weeks to multiple months, depending on the complexity of the application that is being assessed.

    This is why we’ve partnered with Leviathan Security Group to create the Express Security Review. This one-of-a-kind program guarantees companies competitive rates without sacrificing quality. What do we mean by quality? We’re not talking just patches, point-in-time fixes, or box-checking exercises. With Leviathan Security Group’s unique integrated Risk Management and Information Security solutions, developers will improve the processes that lead to any issue and be able to take the next steps in their evolution to avoid future security risks.  

    The Path Forward for Developers

    Every application is unique and deserves to be reviewed with depth and rigor. So while we can’t guarantee a specific cost for every application that you submit, we can guarantee unmatched, white-glove service in completing Google Verification and the best practices gained from hundreds of companies supported through the Google Requirements

    As a leading provider of universal communications APIs that allow developers to quickly and securely connect their applications to every email, calendar, or contacts provider, we are excited to offer a turn-key solution that marries both software solutions via the Nylas platform and Leviathan’s industry-leading services to support the innovations of developers around the globe. Together, we can now remove the friction developers experience in launching software integrations and in turn decrease the time-to-market for the critical communications features that power modern customer engagement and productivity products.

    If you are a developer that needs help, please contact our team of platform specialists to get started with the Express Security Review. 

    For more information about how this data is used, please view our Privacy Policy.

    Related resources

    Implementing security by design at startups

    Building security by design is crucial, especially for startups and small businesses, where resources are…

    Building a security-first culture in your organization

    In a time where cyber threats are increasingly sophisticated and frequent, fostering a security-first culture…

    Nylas’ Response to the Log4j Vulnerability

    At Nylas, our information security team took action to investigate the Log4j vulnerability and found that our codebases were not impacted. As the incident unfolds, see how Nylas responded to identify the impact and protect customer data.