- "HackerOne also played a crucial role in cutting down the noise so we could focus only on the valid issues."
- "Our public bug bounty program is as important to the security of our product and company as any other program we run within our Security Team."
- "Bug bounty programs are an important part of the modern software development lifecycle."
- "We decided that we needed a more diverse group of testers, while still meeting and exceeding compliance standards, which is what led us to HackerOne and the hacker-powered security model."
- "We have an industry-leading vulnerability disclosure program that protects ethical researchers and partnered with HackerOne to include sensitive vendors in the scope of our bug bounty program to help protect our entire ecosystem. Our hope is that bug bounty programs like ours continue to spearhead a culture of collaboration and …
- “We'll definitely add HackerOne to our security portfolio and leverage hacker-powered security services in the future.”
- "At Qualcomm, the security researchers we have worked with are not motivated by financial gains. Instead, they want to help us make our products more secure in order to protect more people."
- "When the same internal teams are testing an application for a long time, they lose that ‘fresh-eye’ perspective that often helps in finding interesting bugs."
- "With a normal pentest, you don’t get vulnerability reports until the engagement is over. That’s not ideal, because it means vulnerabilities go unfixed for longer, and you can’t have issues retested without booking a whole new engagement. HackerOne Pentest solved both of these problems for us, and enabled us to …
- “We want to see a world where a launch means something regarding security. Buyers banding together to require minimum mandatory bug bounties would send a signal to new companies that they have to secure their users before they can make a sale.”
- "HackerOne is a well-known platform across the information security community which aggregates the most successful bug bounty programs to date."
- "We chose HackerOne as it not only connected us to an existing community of seasoned security researchers but also offered productivity features that automated aspects of the bug bounty triage process."
- "The (HackerOne) triage team is like an extension of our own team. Worth every penny."
- "We obviously can’t hire enough engineers to protect against every possible vulnerability, but we can use our bug bounty program to add on-demand expertise where we need it and continuous coverage nearly everywhere else."
- "There is a lot of education left to do, both to producers and customers of security-critical code. We hope bug bounty programs become an industry-standard, for the sake of security and stability of the entire industry."