"We take advantage of the triaging services to help with our workload."

"Hai gives us actionable suggestions that have eliminated busy work, so we can complete tasks faster and think strategically about continuously improving our overall cybersecurity posture."

"HackerOne has been much more successful at finding problems than general penetration tests have been for us."

"We know that state-sponsored actors and black-hat hackers want to challenge and exploit our networks. We know that. What we didn't fully appreciate before this pilot was how many white-hat hackers there are who want to make a difference, who want to help keep our people and our nation safer."

"We know for a fact that sending a wide variety of hackers into a wide environment will result in something meaningful. It is a fact. We cannot hire every amazing hacker and have them come work for us, but we can do these crowdsourced bug bounties. I’m done with being …

"The ideal end-state is that bug bounties become a regular, common tool in securing all IT assets across the Department of Defense. We will always have security vulnerabilities. We can approach that reality one of two ways: we can deny it, or we can be proactive, open to it and …

“We want to see a world where a launch means something regarding security. Buyers banding together to require minimum mandatory bug bounties would send a signal to new companies that they have to secure their users before they can make a sale.”

"With HackerOne and their triage services we now have a sturdy database with ticketing capabilities. Here at AlienVault we’ve also taken advantage of their 3rd party ticketing system integration so once the triage team deems a ticket both a valid vulnerability and not a duplicate, we create a ticket directly …

“Their bug bounty program is world-class, a top HackerOne researcher. “They value our input and care about security across their entire ecosystem.”

“By enabling all teams that work in cybersecurity to better understand the root causes of real-life examples, we can avoid more issues earlier in the software development lifecycle. The HackerOne workshop helps to educate 100s of Sage employees and strengthen our capabilities and how we respond to situations.”

"In addition to some amazing, creative submissions, we’ve received some incredible feedback from researchers. In just a few short months, we’ve used that feedback to make substantial changes to our scope, payments, and transparency. We want hackers to challenge and educate us, and build a trusting and respectful relationship that …

“HackerOne's bug bounty program suited the modern and forward-thinking tech teams at loveholidays. HackerOne's unique approach gets the approval of our DevOps engineers, encouraging them to actively work with the security team to enhance loveholidays' security posture."

"If I were to build an internal team to find vulnerabilities on the same scale as HackerOne, it would be very challenging — security salaries aren’t cheap, and it would take a year to ramp up a team fully. Via HackerOne, I can get immediate access to experts who are …

"Our goal was to increase visibility into hidden vulnerabilities and strengthen our overall security posture in a way that complemented our internal efforts."

"Our public bug bounty program is as important to the security of our product and company as any other program we run within our Security Team."