"The program overview delivers contextual data across our vulnerability life cycle, allowing us to view trends and patterns over time so we can identify gaps and optimize our program."

"Using the HackerOne platform helps us cultivate (hacker) relationships and complements the GitLab mission that everyone can contribute."

"Security bugs are going to be reported and they’re going to throw a wrench in your plans for the sprint/ month/quarter."

"Bug bounty programs are an important part of the modern software development lifecycle."

“HackerOne programs are a fundamental part of our cybersecurity strategy.”

“Over time, we’ve established secure development methodologies and quality testing schemes for the release of new components and changes to the platform, including the creation of a specific channel to address hacker reports, which are prioritized and included in the current sprint.”

“HackerOne's bug bounty program suited the modern and forward-thinking tech teams at loveholidays. HackerOne's unique approach gets the approval of our DevOps engineers, encouraging them to actively work with the security team to enhance loveholidays' security posture."

"If I were to build an internal team to find vulnerabilities on the same scale as HackerOne, it would be very challenging — security salaries aren’t cheap, and it would take a year to ramp up a team fully. Via HackerOne, I can get immediate access to experts who are …

"HackerOne Code not only gives us real-time security before code goes to production, we're seeing value in getting insight from professional developers in the industry."

"We tried pen testing before and found it very expensive and practically useless. The first week we launched HackerOne they found several high priority bugs. Huge value at the fraction of the costs."

"HackerOne also played a crucial role in cutting down the noise so we could focus only on the valid issues."

"If our bug bounty program can find at least one critical vulnerability per quarter for two or three quarters in a row, we know the program is worth the money we spend on it."

“Since the HackerOne Triage team is wellcalibrated on our scope, they offload some of the work from our security team, such as report triage, identifying duplicated reports, and scope mismatch. In other words, the HackerOne Triage team acts as an extension to our security team.”

"Using HackerOne saves our security team a large amount of time, but more importantly, it also saves our finance team a lot of trouble. Moving to the HackerOne platform allowed us to automate away all of the financial burdens, which are significant."

"HackerOne’s program overview provides deeper visibility into our program health. Our team can identify specific periods where targets are being hit and missed, and course-correct as necessary."