Yes. A full penetration test is performed annually covering the platform. We also conduct assessments twice a year using our own team of testers to ensure any identified vulnerabilities are fully closed as part of our security vulnerability management process.
We also maintain a bug bounty program via HackerOne. More detail about this can be found here.