"At TikTok, we always want to be proactive rather than reactive. We aim to shift left, finding bugs at an early stage to ensure the safety of our environment before it goes live."

"AI red teaming allows us to explore the possibilities of what attackers might achieve—not just what’s likely. Working with HackerOne has shown us that human ingenuity often outperforms adversarial datasets or AI-generated attacks."

“HackerOne’s reputation in the bug bounty market was top notch. Their community lends itself to real-world simulation and removes the bias from working with a more traditional vendor. You get pentesters with different backgrounds and areas of expertise, and HackerOne provided the flexibility and assurance we needed to meet budgeting, …

"The program has been successful because of the continued contributions from diverse, talented researchers."

"Being able to have issues retested during the same engagement is a game-changer. That’s something that hasn’t been available in the past because traditionally, you didn’t receive the results of a penetration test until after the engagement was over."

"A vulnerability disclosure program with bug bounties signaled LocalTapiola reaching a new level of security sophistication, not only in the financial services arena, but in the wider cyber security world too."

"We decided that we needed a more diverse group of testers, while still meeting and exceeding compliance standards, which is what led us to HackerOne and the hacker-powered security model."

"The program overview delivers contextual data across our vulnerability life cycle, allowing us to view trends and patterns over time so we can identify gaps and optimize our program."

"Our researcher community’s approach is rooted in curiosity, creativity, and the relentless pursuit of finding flaws others might miss. This mindset is distinct from building and reinforcing technical models, yet it’s an essential complement. While internal teams focus on defending and aligning AI systems, engaging with a community of researchers …

“By enabling all teams that work in cybersecurity to better understand the root causes of real-life examples, we can avoid more issues earlier in the software development lifecycle. The HackerOne workshop helps to educate 100s of Sage employees and strengthen our capabilities and how we respond to situations.”

"We are employing strategies and programs, like our VDP with HackerOne, with the sole purpose of protecting our customers, their vehicles and their data."

"HackerOne also played a crucial role in cutting down the noise so we could focus only on the valid issues."

"The program with HackerOne has surfaced the most interesting results across all of our AI testing and is by far the most cost-effective."

"We can’t strive to be a great security team without you! You are part of my team!"

"We know that state-sponsored actors and black-hat hackers want to challenge and exploit our networks. We know that. What we didn't fully appreciate before this pilot was how many white-hat hackers there are who want to make a difference, who want to help keep our people and our nation safer."