"Our public bug bounty program is as important to the security of our product and company as any other program we run within our Security Team."

"The program overview delivers contextual data across our vulnerability life cycle, allowing us to view trends and patterns over time so we can identify gaps and optimize our program."

"One of the best ways for us to augment our internal security team is to work with the white hat community. This was a pain before HackerOne but now is significantly easier."

"HackerOne fits naturally into how our team works, helping us respond and escalate quickly while keeping human judgment at the center. Anywhere, Anytime."

"When the same internal teams are testing an application for a long time, they lose that ‘fresh-eye’ perspective that often helps in finding interesting bugs."

"We’ve received a lot of guidance (on working with hackers) from HackerOne and it's been a great experience."

“We'll definitely add HackerOne to our security portfolio and leverage hacker-powered security services in the future.”

"We believe there is immense value in having a bug bounty program as part of our cybersecurity strategy, and we encourage all companies, not just those in the hospitality industry, to take a similar approach and consider bug bounty as a proactive security initiative."

"HackerOne is a well-known platform across the information security community which aggregates the most successful bug bounty programs to date."

"The success of the program helped us boost our cybersecurity in a matter of weeks."

"A greater amount of diverse vulnerabilities allows us to identify and improve our SDL more efficiently and to keep learning new trends and approaches about vulnerabilities, new attack vectors, and blind spots."

“HackerOne’s reputation in the bug bounty market was top notch. Their community lends itself to real-world simulation and removes the bias from working with a more traditional vendor. You get pentesters with different backgrounds and areas of expertise, and HackerOne provided the flexibility and assurance we needed to meet budgeting, …

“We want to see a world where a launch means something regarding security. Buyers banding together to require minimum mandatory bug bounties would send a signal to new companies that they have to secure their users before they can make a sale.”

"If our bug bounty program can find at least one critical vulnerability per quarter for two or three quarters in a row, we know the program is worth the money we spend on it."

"The (HackerOne) triage team is like an extension of our own team. Worth every penny."