“The third party inspection of code adds a layer of confidence to ownCloud’s over 8M users and administrators. Enterprises know their deployment has undergone the rigors of ownCloud QA, their own testing, and the bounty-driven testing of security experts resulting in more secure file sharing for many environments.”

"HackerOne also played a crucial role in cutting down the noise so we could focus only on the valid issues."

"A vulnerability disclosure program with bug bounties signaled LocalTapiola reaching a new level of security sophistication, not only in the financial services arena, but in the wider cyber security world too."

"The (HackerOne) triage team is like an extension of our own team. Worth every penny."

"We believe there is immense value in having a bug bounty program as part of our cybersecurity strategy, and we encourage all companies, not just those in the hospitality industry, to take a similar approach and consider bug bounty as a proactive security initiative."

"We take advantage of the triaging services to help with our workload."

“We knew that to provide a secure digital experience for our customers, we needed a partner who could connect us with the diverse, global security researcher community, with a goal of identifying novel or unusual security issues on which traditional pentests don’t usually focus. So we decided to work with …

"A greater amount of diverse vulnerabilities allows us to identify and improve our SDL more efficiently and to keep learning new trends and approaches about vulnerabilities, new attack vectors, and blind spots."

"At Qualcomm, the security researchers we have worked with are not motivated by financial gains. Instead, they want to help us make our products more secure in order to protect more people."

"We obviously can’t hire enough engineers to protect against every possible vulnerability, but we can use our bug bounty program to add on-demand expertise where we need it and continuous coverage nearly everywhere else."

"There is a lot of education left to do, both to producers and customers of security-critical code. We hope bug bounty programs becomes an industry-standard, for the sake of security and stability of the entire industry."

"The program has been successful because of the continued contributions from diverse, talented researchers."

"When the same internal teams are testing an application for a long time, they lose that ‘fresh-eye’ perspective that often helps in finding interesting bugs."

"The success of the program helped us boost our cybersecurity in a matter of weeks."

“However, in order to become a trusted partner you need to go further than that. With HackerOne we were able to harness the expertise and skills of a huge hacker community in real time, so we could start applying fixes straight away.”